Aurasium is a security policy enforcement framework for Android applications that operates through bytecode rewriting and in-place reference monitoring. The tool modifies existing APK files to inject security policies without requiring access to the original source code. The framework consists of several key components: - ApkMonitor containing the main native and Java policy logic bundled with demonstration applications - pyAPKRewriter providing APK patching scripts for automated repackaging - SecurityManager implementing ASM (bytecode manipulation) functionality for Aurasium dependencies The tool works by rewriting Android application bytecode to insert security monitoring code directly into the application. This approach allows for runtime security policy enforcement without modifying the Android operating system or requiring root access. Aurasium supports automated APK repackaging through command-line scripts and can be integrated into development workflows. The framework is designed to monitor application behavior and enforce security policies at runtime, providing an additional layer of protection for Android applications. The project is distributed under the GPLv3 license and requires standard Android development dependencies including the Android SDK, Python, and various build tools.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
A brute-force protection middleware for express routes that rate-limits incoming requests.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.