AuditD on Android Logo

AuditD on Android

0
Free
Visit Website

Our goal is to port a minimal set of userland tools from the GNU/Linux userland to the bionic/Linux userland of Android. We've stripped out most the functionality inherent in the Linux software including audisp, ausearch, and auparse. The audit stream is not sent directly to an AF_Unix socket (/dev/audit) by auditd. While not as elegant or robust as the Linux code, our goal is to provide access to the audit stream for Android applications with minimal overhead. Our choice for stripping down Audit is partly due to the fact bionic is horribly GNU incompatible, but also the smartphone platform should be treated than the traditional server/desktop due to resource and runtime constraints. Requirements: A rooted Android system. Running the 2.6.29 or higher x86 kernel with CONFIG_AUDITSYSCALL=y. For the ARM platform, the kernel must be patched (See section 'Custom Kernel'). We needed to copy over the audit.h kernel header because Google uses clean headers. Their utilities to clean headers are unusable by those not blessed with the power of Google (i.e., the documentation is minimal and the ixd is horrible). More details in the directory structure section.

FEATURES

ALTERNATIVES

A tool to quickly get all JavaScript sources/files

A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.

A tool to extract links from responses and filter them via decoding/sorting

UPX is a high-performance executable packer for various executable formats.

Community-driven collection of open source tools being archived with limited support.

A tool to replace query string values with a user-supplied value

A comprehensive collection of security assessment lists for security testers.

PINNED