Android APK線上動態分析工具

Android APK線上動態與靜態分析工具

線上分析工具

• SandDroid http://sanddroid.xjtu.edu.cn

• VisualThreat http://cn.visualthreat.com (推薦)

• Anubis http://anubis.iseclab.org

• VirusTotal https://www.virustotal.com (推薦)

• http://dexter.dexlabs.org/ (推薦)

• ForeSafe http://www.foresafe.com/list

• JoeSecurity http://www.joesecurity.org

• MobileSandbox http://mobilesandbox.org

• APK Analyzer http://www.apk-analyzer.net

• AndroidSandbox http://www.androidsandbox.net

• Dynodroid http://pag-www.gtisc.gatech.edu/dynodroid

• Tracedroid http://tracedroid.few.vu.nl

TOOLS

» AFLogical – Android forensics tool developed by viaForensics
» AndroChef – Java Decompiler apk, dex, jar and java class-files
» Androguard – Reverse engineering, Malware and goodware analysis of Android applications
» Android Loadable Kernel Modules
» Android SDK
» Android4me – J2ME port of Google’s Android
» Android-apktool – A tool for reverse engineering Android apk files
» Android-forensics – Open source Android Forensics app and framework
» Android-random – Collection of extended examples for Android developers
» APK Studio – Android Reverse Engineering Tool By Vaibhav Pandey a.k.a VPZ
» ApkAnalyser – Static, virtual analysis tool
» Apk-extractor – Android Application (.apk) file extractor and Parser for Android Binary XML
» Apkinspector – Powerful GUI tool for analysts to analyze the Android applications
» Apk-recovery – Recover main resources from your .apk file
» ART – GUI for all your decompiling and recompiling needs
» Audit tools
» Canhazaxs – A tool for enumerating the access to entries in the file system of an Android device
» Dava – Decompiler for arbitrary Java bytecode
» DDMS – Dalvik Debug Monitor Server
» Decaf-platform – DECAF Binary Analysis Platform
» DecoJer – Java Decompiler
» Dedexer – Disassembler tool for DEX files.
» Device Monitor – Graphical user interface for several Android application debugging and analysis tools
» Dex2jar – Tools to work with android .dex and java .class files
» Dex-decomplier – Dex decompiler
» Dexinfo – A very rudimentary Android DEX file parser
» Dexter – Static android application analysis tool
» Dexterity – Dex manipulation library
» Dextools – Miscellaenous DEX (Dalvik Executable) tools
» Drozer – Comprehensive security audit and attack framework for Android
» Heimdall – Cross-platform open-source tool suite used to flash firmware (aka ROMs) onto Samsung mobile devices
» Hidex – Demo application where a method named thisishidden() in class MrHyde is hidden from disassemblers but no called by the app
» Hooker – Automated Dynamic Analysis of Android Applications
» JAD – Java Decompiler
» JADX – Dex to Java decompiler
» JD-GUI – Standalone graphical utility that displays Java source codes of “.class” files
» JEB Decompiler – The Interactive Android Decompiler
» Luyten – Java Decompiler Gui for Procyon
» Radare – The reverse engineering framework
» Redexer – A Dalvik bytecode instrumentation framework
» Reverse Android – Reverse-engineering tools for Android applications
» Scalpel – A surgical debugging tool to uncover the layers under your app
» Smali – An assembler/disassembler for Android’s dex format
» Soot – Java Optimization Framework
» STAMP – STatic Analysis of Mobile Programs
» Systrace – Analyze the performance capturing and displaying execution times of your applications and other Android system processes
» TaintDroid – Tracking how apps use sensitive information required
» Traceview – Graphical viewer for execution logs saved by your application
» Undx – Bytecode translator
» Xenotix-APK-Decompiler – APK decompiler powered by dex2jar and JAD
» XML-apk-parser – Print AndroidManifest.xml directly from apk file
» ZjDroid – Android app dynamic reverse tool based on Xposed framework

UNPACKERS

» Android Unpacker – Android Unpacker presented at Defcon 22 – Android Hacker Protection Level 0
» Dehoser – Unpacker for the HoseDex2Jar APK Protection which packs the original file inside the dex header
» Kisskiss – Unpacker for various Android packers/protectors

PACKERS / OBFUSCATORS

» Allatori
» APKfuscator – A generic DEX file obfuscator and munger
» APKProtect
» Bangcle
» DexGuard – Optimizer and obfuscator for Android
» HoseDex2Jar – Adds some instructions to the classes.dex file that Dex2Jar can not process
» ProGuard – Shrinks, optimizes, and obfuscates the code by removing unused code and renaming classes, fields, and methods with semantically obscure names

TOOLKITS

» Android Malware Analysis Toolkit
» APK Resource Toolkit
» MobiSec
» Open Source Android Forensics Toolkit
» Santoku

SANDBOXES
» Android Sandbox
» Anubis
» APK Analyzer
» AVCaesar
» Droidbox
» HackApp
» Mobile Sandbox
» SandDroid
» VisualThreat