Androguard module for Yara
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
Androguard module for Yara
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
Androguard module for Yara Description
This module for Yara is part of the Koodous project https://koodous.com and it integrates static APK analysis with Yara. You can use it to find APKs by package name, permissions or API level, etc. Find the documentation for this module in the Koodous documentation's site: http://docs.koodous.com/yara/androguard/ Preparing compilation: If you want to use this module, first you need to re-compile Yara with the androguard module. To do so, you need to modify some files. Follow the basic steps in the official docs: http://yara.readthedocs.org/en/latest/writingmodules.html#building-our-hello-world Include the file androguard.c in folder libyara/modules. Modify "libyara/modules/module_list" and add "MODULE(androguard)" in the cuckoo block. The file should look like the following: MODULE(pe) MODULE(elf) MODULE(math) #ifdef CUCKOO MODULE(cuckoo) MODULE(androguard) #endif Modify "libyara/Makefile.am" to add androguard module ("MODULES += modules/androguard.c") in the cuckoo block: MODULES = modules/tests.c MODULES += modules/pe.c if CUCKOO MODULES += modules/cuckoo.c MODULES += modules/androguard.c endif Recompile Yara, but enabling cuckoo module.
Androguard module for Yara FAQ
Common questions about Androguard module for Yara including features, pricing, alternatives, and user reviews.
Androguard module for Yara is Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.. It is a Application Security solution designed to help security teams with YARA, Android Security.
