Aurasium is a security policy enforcement framework for Android applications that operates through bytecode rewriting and in-place reference monitoring. The tool modifies existing APK files to inject security policies without requiring access to the original source code. The framework consists of several key components: - ApkMonitor containing the main native and Java policy logic bundled with demonstration applications - pyAPKRewriter providing APK patching scripts for automated repackaging - SecurityManager implementing ASM (bytecode manipulation) functionality for Aurasium dependencies The tool works by rewriting Android application bytecode to insert security monitoring code directly into the application. This approach allows for runtime security policy enforcement without modifying the Android operating system or requiring root access. Aurasium supports automated APK repackaging through command-line scripts and can be integrated into development workflows. The framework is designed to monitor application behavior and enforce security policies at runtime, providing an additional layer of protection for Android applications. The project is distributed under the GPLv3 license and requires standard Android development dependencies including the Android SDK, Python, and various build tools.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.