Home Android Smalien – Information Flow Analysis Tool For Android Applications [BlackHat Tool]

Smalien – Information Flow Analysis Tool For Android Applications [BlackHat Tool]

August 26, 2019 Leave a Comment
Smalien - Information Flow Analysis Tool For Android Applications BlackHat Tool xploitlab

Android developer is a new big deal to earn money from applications, in google play store millions of applications that we can installs on smartphones, but attacker can hide virus on real applications espically if you download the apps not from play store. Attacker can spy on with games applications that you install in your phone. We need to analyze which android application contains a virus.

Overview

Smalien is an information flow analysis and information leakage detection tool for Android application analysis. Smalien performs static taint analysis of Android applications on a Linux machine as well as dynamic taint analysis, detection of information leakage due to implicit information flows, and privacy policy enforcement on an Android device at runtime.

Black Hat USA 2019 Arsenal

Currently, we are working on another branch, demo-master. Please check it out to get programs that we have used at the Arsenal.

Smalien has following functions

  • Analyzing an Android application statically and gathers information of classes, methods, variables, etc.
  • Presenting the results of the analysis graphically such as a method call graph and an information flow diagram.
  • Performing dynamic taint analysis on an Android device.
  • Enforcing privacy policy specified by an analyst.
  • Detecting information leakage due to implicit information flows.
  • Logging actual information operated by any bytecode or API call, such as http request, at runtime to encourage an analyst in his/her inspection.

Required Tools

Usage

Check our Wiki for full instructions.

Run static analysis

python main.py

It generates parsed_data.json and data_flows.json as the results.

Generate graphs

python generate_graphs.py parsed_data.json data_flows.json

It generates output_class_calls.md and output_data_flows.md as the results. These files includes scripts for mermaid. You may use a markdown viewer such as Haroopad to check the graphs.

Run dynamic analysis

New apk file implanted.apk is placed in smalien/hive/workspace/. Install it to your Android device by following command and run it.

adb install -g hive/workspace/implanted.apk

Currently, Smalien is a prototype of our academic research and doesn’t have full-function. We are working on it!

Download Smalien

You May Also Like

OpenRedireX - Open Redirect Scanner and Fuzzer Tool

OpenRedireX – Open Redirect Scanner and Fuzzer Tool

Mantra - Tool to Find API key and Sensitive Information Leaks in JS Files and Pages

Mantra – Tool to Find API key Leaks in JS Files & Pages

Bypass 403 - Simple Script Tool For Bypassing 403 Forbidden Response

Bypass 403 – Simple Script For Bypassing 403 Forbidden Response

Burpgpt - Connect OpenAI gpt with burp suite to detect security vulnerabilities that traditional scanners might miss

Burpgpt –  Integrate OpenAI GPT with Burp Suite to Discover Highly Bespoke Vulnerabilities

WaybackSQLiScanner automatically gather urls from wayback machine then test each GET parameter for sql injection

waybackSqliScanner – Tool to Gather URLs from Wayback Machine Then Test For SQL Injection

Commix - Tool to automates the process of command injection detection and exploitation

Commix – Automated OS Command Injection Exploitation Tool

Leave a Reply

Your email address will not be published. Required fields are marked *

17 − 13 =