Android Malware Sandbox
This project provides a simple, configurable, and modulable sandbox for quickly sandboxing known or unknown families of Android Malware. Demo Installation: First, you'll need to install Android-Studio or something that can launch AVD. Then, you'll need to create the AVD you want to run the samples. Next, you'll need to install dependencies: python3 -m venv env source env/bin/activate apt install -y liblzma-dev pip install -r requirements.txt pip install frida-push npm install npm install -g frida-compile Then, you'll need to configure config.ini: Change adb_path and emulator_path with the path of your binaries. Next, you'll need to configure the emulator in config.ini: [EMULATOR] vm_name = Nexus_5X_API_28 snapshot_name = use_snapshot = no show_window = yes wipe_data = yes Change the output database file. There are many more options in the config file, feel free to change them. All is set up, you can now launch your analysis by using: python main.py <path-to-apks> To customize run, change settings in config.ini. Reporting: Once
FEATURES
SIMILAR TOOLS
A framework for reverse engineering Flutter apps with modified Flutter library for dynamic analysis and traffic monitoring.
A project providing open-source YARA rules for malware and malicious file detection
A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.
KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.
A tool for identifying and analyzing Java serialized objects in network traffic
A script to detect and remove Canary Tokens with simple signature-based detections.
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A tool for finding and exploiting SQL injection vulnerabilities in web applications
Collects Yara rules from over 150 free resources, a free alternative to Valhalla.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.