Droidefense – Advanced Android Malware Analysis Framework


Droidefense (originally named atom: analysis through observation machine)* is the codename for an Android app/malware analysis and reversing tool. It was built around the security issues and tricks that malware researchers deal with in their everyday work. Where malware has anti-analysis routines, Droidefense attempts to bypass them in order to reach the code and the 'bad boy' routine. These techniques can include virtual machine detection, emulator detection, self certificate checking, pipes detection, tracer PID checks, and so on.

Droidefense uses an innovative approach in which the code is not decompiled but viewed instead. This allows us to get a global view of the code's execution workflow with 100% accuracy on the gathered information. From this, Droidefense generates a fancy HTML report of the results for easy understanding.
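To make the anti-analysis checks named above concrete from the analyst's side, the following Python script is an added example (not from the original article and not Droidefense's own code) that flags three of them, tracer PID checks, emulator detection and pipes detection, by searching an APK's DEX files for strings such checks typically read. The indicator list and the names scan_apk and build_sample_apk are assumptions made for this illustration, and the sample input is constructed.

```python
import io
import zipfile

# Assumed indicator strings (not taken from the Droidefense page or code base):
# commonly documented artifacts that anti-analysis checks read or compare.
INDICATORS = {
    "tracer pid check": [b"TracerPid", b"/proc/self/status"],
    "emulator detection": [b"ro.kernel.qemu", b"goldfish"],
    "pipes detection": [b"/dev/qemu_pipe", b"/dev/socket/qemud"],
}
MAX_DEX_BYTES = 64 * 1024 * 1024  # skip oversized entries in untrusted archives


def scan_apk(apk):
    """Return {technique: sorted indicator strings found in the APK's DEX files}."""
    hits = {}
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            name = info.filename
            # App bytecode lives in classes.dex, classes2.dex, ... at the root.
            if not (name.startswith("classes") and name.endswith(".dex")):
                continue
            if info.file_size > MAX_DEX_BYTES:
                continue
            data = zf.read(info)
            if data[:4] != b"dex\n":
                continue  # named like a DEX file but lacks the DEX magic
            for technique, needles in INDICATORS.items():
                for needle in needles:
                    if needle in data:
                        hits.setdefault(technique, set()).add(needle.decode())
    return {technique: sorted(found) for technique, found in hits.items()}


def build_sample_apk():
    """Constructed test input: a zip holding a fake DEX blob, not a real app."""
    dex = b"dex\n035\x00" + b"\x00" * 32 + b"/proc/self/status\x00TracerPid\x00/dev/qemu_pipe\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", dex)
        zf.writestr("assets/readme.txt", b"goldfish")  # outside DEX: ignored
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for technique, found in scan_apk(build_sample_apk()).items():
        print(f"{technique}: {', '.join(found)}")
```

String matching misses indicators that are encrypted or assembled at run time, so an empty result does not rule these checks out.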


Usage

TL;DR

java -jar droidefense-cli-1.0-SNAPSHOT.jar -i /path/to/your/pattern.apk

Detailed usage

java -jar droidefense-cli-1.0-SNAPSHOT.jar

________               .__    .___      _____                            
______ _______  ____ |__| __| _/_____/ ________   ____   ______ ____  
 |    |  _  __ /  _ |  |/ __ |/ __    __/ __  /     /  ___// __  
 |    `     | (  <_> )  / /_/   ___/|  |   ___/|   |  ___   ___/ 
/_______  /__|   ____/|______ |___  >__|  ___  >___|  /____  >___  >
        /                     /    /          /     /     /     / 


 * Current build:    2017_12_05__12_07_01
 * Check out on Github:    https://github.com/droidefense/
 * Report your issue:    https://github.com/droidefense/engine/issues
 * Lead developer:    @zerjioang

usage: droidefense
 -d,--debug                 print debugging data
 -h,--help                  print this message
 -i,--input <apk>           enter .apk to be analyzed
 -o,--output <format>       choose prefered output:
                            json
                            json.min
                            html
 -p,--profile               Wait for JVM profiler
 -s,--show                  show generated report after scan
 -u,--unpacker <unpacker>   choose prefered unpacker:
                            zip
                            memapktool
 -v,--verbose               be verbose
 -V,--version               show current version information
 

Useful information

  • Check out how to compile a new version at:
  • Check out a report example at:
  • Check out execution logs at:

MoreTip.com
