Android Malware Sandbox Logo

Android Malware Sandbox

0
Free
Visit Website

This project provides a simple, configurable, and modulable sandbox for quickly sandboxing known or unknown families of Android Malware. Demo Installation: First, you'll need to install Android-Studio or something that can launch AVD. Then, you'll need to create the AVD you want to run the samples. Next, you'll need to install dependencies: python3 -m venv env source env/bin/activate apt install -y liblzma-dev pip install -r requirements.txt pip install frida-push npm install npm install -g frida-compile Then, you'll need to configure config.ini: Change adb_path and emulator_path with the path of your binaries. Next, you'll need to configure the emulator in config.ini: [EMULATOR] vm_name = Nexus_5X_API_28 snapshot_name = use_snapshot = no show_window = yes wipe_data = yes Change the output database file. There are many more options in the config file, feel free to change them. All is set up, you can now launch your analysis by using: python main.py <path-to-apks> To customize run, change settings in config.ini. Reporting: Once

FEATURES

ALTERNATIVES

Hyara is a plugin that simplifies writing YARA rules with various convenient features.

RABCDAsm is a collection of utilities for ActionScript 3 assembly/disassembly and SWF file manipulation.

Go bindings for YARA with installation and build instructions.

OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.

A command-line program for finding secrets and sensitive information in textual data and Git history.

A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.

A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.

Yabin creates Yara signatures from malware to find similar samples.

PINNED