Android development has become a major way to earn money from applications. The Google Play Store holds millions of applications that we can install on smartphones, but an attacker can hide a virus inside a real application, especially if you download apps from somewhere other than the Play Store. An attacker can spy on you through game applications that you install on your phone. We need to analyze which Android applications contain a virus.
Black Hat USA 2019 Arsenal
Currently, we are working on another branch, demo-master. Please check it out to get the programs that we used at the Arsenal.
Smalien has the following functions:
- Analyzing an Android application statically and gathering information about its classes, methods, variables, etc.
- Presenting the results of the analysis graphically, such as a method call graph and an information flow diagram.
- Performing dynamic taint analysis on an Android device.
- Detecting information leakage due to implicit information flows.
- Logging the actual information operated on by any bytecode or API call, such as an HTTP request, at runtime to support an analyst in their inspection.
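
The difference between explicit and implicit information flows named in the list above, as an added Python illustration that is not Smalien's code: the miniature register IR, `run`, `written_regs` and `PROGRAM` are hypothetical and constructed here. With implicit tracking enabled, a branch on a tainted register taints every register its body may write, whether or not the branch executes.

```python
# Added illustration, not Smalien's implementation. The IR is hypothetical.
def written_regs(body):
    """Statically collect every register a block may assign."""
    regs = set()
    for ins in body:
        if ins[0] in ("source", "const", "move"):
            regs.add(ins[1])
        elif ins[0] == "if_eq":
            regs |= written_regs(ins[3])
    return regs

def run(program, secret, track_implicit):
    """Execute the program; return the registers that reached a sink tainted."""
    vals, taint, leaks = {}, set(), []

    def set_reg(dst, value, tainted):
        vals[dst] = value
        (taint.add if tainted else taint.discard)(dst)

    def execute(body, pc_tainted):
        for ins in body:
            op = ins[0]
            if op == "source":      # read sensitive data (e.g. a device ID)
                set_reg(ins[1], secret, True)
            elif op == "const":     # tainted only by the enclosing branch
                set_reg(ins[1], ins[2], pc_tainted)
            elif op == "move":      # explicit flow: copy the source's taint
                set_reg(ins[1], vals[ins[2]], ins[2] in taint or pc_tainted)
            elif op == "if_eq":
                cond = track_implicit and (ins[1] in taint or pc_tainted)
                if vals[ins[1]] == ins[2]:
                    execute(ins[3], cond)
                elif cond:
                    # Not taken: the unchanged registers still reveal the outcome.
                    taint.update(written_regs(ins[3]))
            elif op == "sink" and ins[1] in taint:
                leaks.append(ins[1])

    execute(program, False)
    return leaks

# Constructed sample: v1 depends on the secret only through the branch.
PROGRAM = [
    ("source", "v0"),
    ("const", "v1", 0),
    ("if_eq", "v0", 7, [("const", "v1", 1)]),
    ("sink", "v1"),
    ("move", "v2", "v0"),
    ("sink", "v2"),
]
```

Running `run(PROGRAM, 7, False)` reports only `v2`, the explicit copy, while `run(PROGRAM, 7, True)` also reports `v1`, which carries one bit of the secret through the branch.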
Check our Wiki for full instructions.
It generates parsed_data.json and data_flows.json as the results.
It generates output_class_calls.md and output_data_flows.md as the results. These files include Mermaid scripts. You may use a markdown viewer such as Haroopad to check the graphs.
A new APK file, implanted.apk, is placed in smalien/hive/workspace/. Install it on your Android device with the following command and run it.
Currently, Smalien is a prototype from our academic research and does not have full functionality. We are working on it!