Malware Analysis && UnEthical Hacking
inicio hacking WiFu WiBOG MDB
  Android Malware Analysis Tools Imagen by davidsancar   


TOOLS

» AFLogical - Android forensics tool developed by viaForensics
» Amandroid - Is a static analysis framework for Android apps
» Android backup extractor - Android backup extractor
» Android Loadable Kernel Modules
» Android SDK
» Android4me - J2ME port of Google's Android
» Android-forensics - Open source Android Forensics app and framework
» Android-random - Collection of extended examples for Android developers
» Androwarn - Is a tool whose main aim is to detect and warn the user about potential malicious behaviours developped by an Android application
» ApkAnalyser - Static, virtual analysis tool
» Apk-extractor - Android Application (.apk) file extractor and Parser for Android Binary XML
» Apkinspector - Powerful GUI tool for analysts to analyze the Android applications
» Apk-recovery - Recover main resources from your .apk file
» Audit tools
» bunq fuzzer - Program for testing a mobile app by sending it semi-random inputs
» Canhazaxs - A tool for enumerating the access to entries in the file system of an Android device
» ConDroid - Symbolic/concolic execution of Android apps
» DDMS - Dalvik Debug Monitor Server
» Decaf-platform - DECAF Binary Analysis Platform
» Device Monitor - Graphical user interface for several Android application debugging and analysis tools
» Dexinfo - A very rudimentary Android DEX file parser
» Dexter - Static android application analysis tool
» Dexterity - Dex manipulation library
» Dextools - Miscellaenous DEX (Dalvik Executable) tools
» DidFail - Uses static analysis to detect potential leaks of sensitive information within a set of Android apps
» Drozer - Comprehensive security audit and attack framework for Android
» FindBugs - Find Bugs in Java Programs
» Find Security Bugs - The FindBugs plugin for security audits of Java web applications.
» FlowDroid - Is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications
» Heimdall - Cross-platform open-source tool suite used to flash firmware (aka ROMs) onto Samsung mobile devices
» Hidex - Demo application where a method named thisishidden() in class MrHyde is hidden from disassemblers but no called by the app
» Hooker - Automated Dynamic Analysis of Android Applications
» Maldrolyzer - Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)
» mbfuzzer (Mobile Application Fuzzer via SSL MITM) - Mobile Application Fuzzer via SSL MITM
» PScout - Analyzing the Android Permission Specification
» Scalpel - A surgical debugging tool to uncover the layers under your app
» SPARTA - Is building a toolset to verify the security of mobile phone applications
» Apk Sign - Sign.jar automatically signs an apk with the Android test certificate.
» SIIS Tools - This page contains a list of software tools created by the SIIS lab
» Smali - An assembler/disassembler for Android's dex format
» Smali-CFGs - Smali Control Flow Graph's
» SmaliEx - A wrapper to get dex from oat
» SmaliSCA - Static Code Analysis for Smali files
» Soot - Java Optimization Framework
» STAMP - STatic Analysis of Mobile Programs
» Systrace - Analyze the performance capturing and displaying execution times of your applications and other Android system processes
» TaintDroid - Tracking how apps use sensitive information required
» Traceview - Graphical viewer for execution logs saved by your application
» Undx - Bytecode translator
» XML-apk-parser - Print AndroidManifest.xml directly from apk file


VULNERABILITIES

» AndroBugs Framework - Is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows.
» Devknox - Autocorrect security issues as you write code
» JAADAS - Joint Advanced Defect assEsment for android applications
» QARK - Quick Android Review Kit - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs.
» Quixxi - Free automated vulnerability test.
» SUPER Android Analyzer - Secure, Unified, Powerful and Extensible Rust Android Analyzer


FUZZING

» IntentFuzzer - is a tool that can be used on any device using the Google Android operating system (OS)
» Radamsa Fuzzer - An Android port of radamsa fuzzer
» Honggfuzz - Security oriented fuzzer with powerful analysis options
» Melkor - An Android port of the melkor ELF fuzzer
» MFFA - Media Fuzzing Framework for Android
» AndroFuzz - A fuzzing utility for Android that focuses on reporting and delivery portions of the fuzzing process


UNPACKERS / DEOBFUSCATORS

» Android Unpacker - Android Unpacker presented at Defcon 22 - Android Hacker Protection Level 0
» Dehoser - Unpacker for the HoseDex2Jar APK Protection which packs the original file inside the dex header
» Kisskiss - Unpacker for various Android packers/protectors
» Simplify - Generic Android Deobfuscator
» ClassNameDeobfuscator - Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines.


PACKERS / OBFUSCATORS

» Allatori
» APKfuscator - A generic DEX file obfuscator and munger
» APKProtect
» Bangcle
» DexGuard - Optimizer and obfuscator for Android
» HoseDex2Jar - Adds some instructions to the classes.dex file that Dex2Jar can not process
» ProGuard - Shrinks, optimizes, and obfuscates the code by removing unused code and renaming classes, fields, and methods with semantically obscure names


RE

» AndBug - A Scriptable Android Debugger
» AndroChef - Java Decompiler apk, dex, jar and java class-files
» Androguard - powerful, integrates well with other tools
» Android Framework for Exploitation
» APK Studio - Android Reverse Engineering Tool By Vaibhav Pandey a.k.a VPZ
» Apktool – really useful for compilation/decompilation (uses smali)
» ART - GUI for all your decompiling and recompiling needs
» Bypass signature and permission checks for IPCs
» Android OpenDebug – make any application on device debuggable (using cydia substrate)
» Dare – .dex to .class converter
» Dava - Decompiler for arbitrary Java bytecode
» DecoJer - Java Decompiler
» Dex2Jar - dex to jar converter
» Dex-decomplier - Dex decompiler
» Enjarify - dex to jar converter from Google
» Dedexer - is a disassembler tool for DEX files
» Fino - Android small footprint inspection tool
» Frida - inject javascript to explore applications and a GUI tool for it
» Indroid – thread injection kit
» IntentSniffer - is a tool that can be used on any device using the Google Android operating system (OS)
» Introspy - Blackbox tool to help understand what an Android application is doing at runtime and assist in the identification of potential security issues
» JAD - Java decompiler
» JADX - Dex to Java decompiler
» JD-GUI - Java decompiler
» JEB Decompiler - The Interactive Android Decompiler
» CFR - Java decompiler
» Krakatau - Java decompiler
» Luyten - Java Decompiler Gui for Procyon
» Procyon - Java decompiler
» FernFlower - Java decompiler
» Redexer – apk manipulation
» Smali viewer
» Simplify Android deobfuscator - Generic Android Deobfuscator
» Bytecode viewer - A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
» Radare2 - Unix-like reverse engineering framework and commandline tools
» Reverse Android - Reverse-engineering tools for Android applications
» Xenotix-APK-Decompiler - APK decompiler powered by dex2jar and JAD
» ZjDroid - Android app dynamic reverse tool based on Xposed framework


NETWORK

» Android tcpdump
» Canape
» Nogotofail
» ProxyDroid
» Wireshark


TOOLKITS

» Android Malware Analysis Toolkit
» Android Tamer
» Androl4b
» APK Resource Toolkit
» Appie – Android Pentesting Portable Integrated Environment
» AppUse
» AuditdAndroid
» CobraDroid
» CuckooDroid
» MARA_Framework
» Mem
» MobiSec
» Open Source Android Forensics Toolkit
» ProbeDroid
» Santoku
» Vezir-Project
» viaLab Community Edition


FRAMEWORKS

» MobSF - Mobile Security Framework
» Needle


SANDBOXES

» Android Sandbox
» AndroTotal
» Anubis
» APK Analyzer
» APP-RAY
» AppCritique
» Appknox
» AVCaesar
» AVC UnDroid
» CopperDroid
» Droidbox
» Eacus - MobiSec Lab
» HackApp
» Mobile Malware Analysis
» Mobile Sandbox
» NVISO ApkScan
» SandDroid
» Tracedroid
» VisualThreat

Inicio       ||       Comunidad       ||      Servicios       ||      Proyectos       ||      Hacking       ||      Contáctenos