Droidefense (originally named atom: analysis through observation machine)* is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has anti-analysis routines, Droidefense attemps to bypass them in order to get to the code and ‘bad boy’ routine. Sometimes those techniques can be virtual machine detection, emulator detection, self certificate checking, pipes detection. tracer pid check, and so on.
Droidefense uses an innovative idea in where the code is not decompiled rather than viewed. This allow us to get the global view of the execution workflow of the code with a 100% accuracy on gathered information. With this situation, Droidefense generates a fancy html report with the results for an easy understanding.
Also ReadMobSF – Mobile Security Framework Is An Automated All-In-One Mobile Application
java -jar droidefense-cli-1.0-SNAPSHOT.jar -i /path/to/your/sample.apk
java -jar droidefense-cli-1.0-SNAPSHOT.jar
________ .__ .___ _____
\______ \_______ ____ |__| __| _/_____/ ____\____ ____ ______ ____
| | \_ __ \/ _ \| |/ __ |/ __ \ __\/ __ \ / \ / ___// __ \
| ` \ | \( <_> ) / /_/ \ ___/| | \ ___/| | \\___ \\ ___/
/_______ /__| \____/|__\____ |\___ >__| \___ >___| /____ >\___ >
\/ \/ \/ \/ \/ \/ \/
* Current build: 2018_03_09__09_17_34
* Check out on Github: https://github.com/droidefense/
* Report your issue: https://github.com/droidefense/engine/issues
* Lead developer: @zerjioang
usage: droidefense
-d,--debug print debugging information
-h,--help print this message
-i,--input <apk> input .apk to be analyzed
-o,--output <format> select prefered output:
json
json.min
html
-p,--profile Wait for JVM profiler
-s,--show show generated report after scan
-u,--unpacker <unpacker> select prefered unpacker:
zip
memapktool
-v,--verbose be verbose
-V,--version show current version information
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…