CFGScanDroid Logo

CFGScanDroid

0
Free
Visit Website

CFGScanDroid is a utility for comparing control flow graph (CFG) signatures to the control flow graphs of Android methods. It was designed as a scanner for malicious applications. Building: If you do not have Maven installed: sudo apt-get install maven (If you're on a non-Debian OS, I believe in you and your ability to get Maven installed.) If you have Maven, the build script should run the correct command: ./build.sh This will create a file: target/CFGScanDroid-0.1-jar-with-dependencies.jar Running: java -jar target/CFGScanDroid-0.1-jar-with-dependencies.jar USAGE: Must have one of (-d|-s|-l|-r) and you should probably specify some DEX files (-f) to use too ESSENTIALS: -f, -dex-files DEX file(s) to run -d, -dump-sigs Dump signature for each method of each DEX file -s, -sig-file A file containing signatures -r, -raw-signature Pass a signature in raw on the command line -l, -load-sigs-from-dex DEX file(s) whose methods to scan with SCAN MODES: -e, -exact-match Only match complete signature CFG to function CFG -p, -partial-match Find the signature graph

FEATURES

ALTERNATIVES

WordPress plugin to reduce comment spam with a smarter honeypot.

A learning and training project demonstrating common configuration errors in cloud environments.

An automated code security tool that analyzes repositories, identifies vulnerabilities, and generates pull requests with fixes while integrating with existing development workflows.

Open Redirection Analyzer

Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security

Arnica is an application security platform that offers real-time scanning, risk mitigation, and management across various aspects of the software development lifecycle.

EvoMaster is an open-source tool that automatically generates system-level test cases for web APIs using AI-driven techniques.

A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.