Home Android Smalien – Information Flow Analysis Tool For Android Applications [BlackHat Tool]

Smalien – Information Flow Analysis Tool For Android Applications [BlackHat Tool]

August 26, 2019 Leave a Comment
Smalien - Information Flow Analysis Tool For Android Applications BlackHat Tool xploitlab

Android developer is a new big deal to earn money from applications, in google play store millions of applications that we can installs on smartphones, but attacker can hide virus on real applications espically if you download the apps not from play store. Attacker can spy on with games applications that you install in your phone. We need to analyze which android application contains a virus.

Overview

Smalien is an information flow analysis and information leakage detection tool for Android application analysis. Smalien performs static taint analysis of Android applications on a Linux machine as well as dynamic taint analysis, detection of information leakage due to implicit information flows, and privacy policy enforcement on an Android device at runtime.

Black Hat USA 2019 Arsenal

Currently, we are working on another branch, demo-master. Please check it out to get programs that we have used at the Arsenal.

Smalien has following functions

  • Analyzing an Android application statically and gathers information of classes, methods, variables, etc.
  • Presenting the results of the analysis graphically such as a method call graph and an information flow diagram.
  • Performing dynamic taint analysis on an Android device.
  • Enforcing privacy policy specified by an analyst.
  • Detecting information leakage due to implicit information flows.
  • Logging actual information operated by any bytecode or API call, such as http request, at runtime to encourage an analyst in his/her inspection.

Required Tools

Usage

Check our Wiki for full instructions.

Run static analysis

python main.py

It generates parsed_data.json and data_flows.json as the results.

Generate graphs

python generate_graphs.py parsed_data.json data_flows.json

It generates output_class_calls.md and output_data_flows.md as the results. These files includes scripts for mermaid. You may use a markdown viewer such as Haroopad to check the graphs.

Run dynamic analysis

New apk file implanted.apk is placed in smalien/hive/workspace/. Install it to your Android device by following command and run it.

adb install -g hive/workspace/implanted.apk

Currently, Smalien is a prototype of our academic research and doesn’t have full-function. We are working on it!

Download Smalien

You May Also Like

MetaFinder - Tool for Searching Documents in a Domain with search engine google, bing, baidu, yandex

MetaFinder – Tool for Searching Documents in a Domain

Dirsearch - Web Content Fuzzing Scanner to find juicy APIs or endpoints, sensitive data exposure, config file

Dirsearch – Web Content Discovery Scanner

ApkLeaks - Tool For Scanning Mobile Application APK file to Extract All Data URIs, Endpoints & Secrets

ApkLeaks – Tool For Scanning APK file to Extract URIs, Endpoints & Secrets

Fully automated Log4j RCE Scanning and Exploit Tool Kali Linux

log4j-scan – Log4j RCE Scanning and Exploit Tool

Subzy - Subdomain Takeover Vulnerability Scan Tool

Subzy – Subdomain Takeover Vulnerability Tool

IntruderPayloads - a Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting

Leave a Reply

Your email address will not be published. Required fields are marked *

2 × 1 =