Links
Documentation
- SeGuard Analyzer: https://izgzhen.github.io/seguard-www/
Library references
- Static analysis:
- Soot:
- https://www.sable.mcgill.ca/soot/, https://www.sable.mcgill.ca/soot/doc/index.html
- https://www.bodden.de/pubs/bodden12inter-procedural.pdf
- https://github.com/sable/soot/wiki
- https://github.com/sable/heros
- https://github.com/uwplse/seguard-resources/wiki/Soot-Reference
- http://cs.au.dk/~amoeller/mis/soot.pdf
- WALA:
- Soot:
- Machine Learning:
- Graph analysis:
Misc
Guides:
- https://maddiestone.github.io/AndroidAppRE/reversing_intro.html
- http://www.brics.dk/SootGuide/
- https://github.com/Sable/soot/wiki/Implementing-an-intra-procedural-data-flow-analysis-in-Soot
- https://www.rasthofer.info/publications/paper/RV2013-AndroidTutorial.pdf
- Using Soot to instrument a class file https://www.sable.mcgill.ca/soot/tutorial/profiler2/index.html
- https://github.com/Sable/soot/wiki/Using-Soot-as-a-Program-Optimizer
- https://stackoverflow.com/questions/44944837/how-to-create-a-control-flow-graph-with-soot
Projects:
- https://github.com/secure-software-engineering/FlowDroid
- https://github.com/Sable/soot
- https://github.com/MIT-PAC/droidsafe-src
- https://github.com/grievejia/CostInstrument
- https://www.abartel.net/dexpler/
- https://github.com/CalebFenton/simplify/
- https://github.com/CalebFenton/dex-oracle
- https://sourceforge.net/projects/proguard/
- https://github.com/JesusFreke/smali
- https://github.com/skylot/jadx
- https://github.com/necst/aamo
- https://github.com/pxb1988/dex2jar
- https://github.com/secure-software-engineering/SuSi
- https://sourceforge.net/p/dex2jar/wiki/DecryptStrings/
- http://siis.cse.psu.edu/ded/
- https://github.com/izgzhen/java2smali
- https://github.com/SUPERAndroidAnalyzer/super
Blogs:
- https://rednaga.io
- https://www.evilsocket.net/2016/04/18/how-i-defeated-an-obfuscated-and-anti-tamper-apk-with-some-python-and-a-home-made-smali-emulator/
- http://calebfenton.github.io
- https://blog.datarepo.cn/2017/12/30/android-malware-datasets/
QA:
Meta:
- Android (Investigative) Tools http://cecs.wright.edu/~pmateti/Courses/4440/Lectures/Tools/
- https://www.csc2.ncsu.edu/faculty/xjiang4/alerts.html Mobile Security Alerts
Datasets:
- https://github.com/secure-software-engineering/DroidBench
- https://f-droid.org/en/
- http://www.malgenomeproject.org
- http://modroid.co.nf/research/ M0Droid
- https://www.sec.cs.tu-bs.de/~danarp/drebin/
- http://contagiodump.blogspot.com/2013/03/16800-clean-and-11960-malicious-files.html ContagioDump
- https://github.com/ashishb/android-malware
- http://kharon.gforge.inria.fr/dataset/
- http://amd.arguslab.org
- https://www.unb.ca/cic/datasets/android-adware.html
- http://pralab.diee.unica.it/en/AndroidPRAGuardDataset
- https://androzoo.uni.lu
- https://koodous.com
- ANDROZO
Lecture Slides: