AndBug Logo

AndBug

0
Free
Visit Website

AndBug is a debugger targeting the Android platform's Dalvik virtual machine intended for reverse engineers and developers. It uses the same interfaces as Android's Eclipse debugging plugin, the Java Debug Wire Protocol (JDWP) and Dalvik Debug Monitor (DDM) to permit users to hook Dalvik methods, examine process state, and even perform changes. Unlike Google's own Android Software Development Kit debugging tools, AndBug does not require or expect source code. It does, however, require that you have some level of comfort with Python, as it uses a concept of scripted breakpoints, called 'hooks', for most nontrivial tasks. If you just want to dump loaded classes, methods, or threads, there are example scripts for that. AndBug is very much a program in flux, as I separate one-off scripts I have written at IOActive for various tasks from customer and IOActive-proprietary contexts. I do not recommend installation at this time, as you will want to update it frequently afterwards. AndBug runs very nicely from its own source directory with very little setup. Install the Android Software Development Kit.

FEATURES

ALTERNATIVES

Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.

Automated Android Malware Analysis tool

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

Automate the exploitation of XXE vulnerabilities

Collection of malware persistence information and techniques

A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.

A project providing open-source YARA rules for malware and malicious file detection

Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.

PINNED