StaDynA
StaDynA is a system supporting security app analysis in the presence of dynamic code update features (dynamic class loading and reflection). Our tool combines static and dynamic analysis of Android applications in order to reveal the hidden/updated behavior and extend static analysis results with this information. This work has been done at the University of Trento. Publication: The results of our research were presented at the 5th ACM Conference on Data and Application Security and Privacy (ACM CODASPY 2015). Please use the following bibtex reference to cite our paper: @inproceedings{StaDynA_Zhauniarovich2014, author = {Zhauniarovich, Yury and Ahmad, Maqsood and Gadyatskaya, Olga and Crispo, Bruno and Massacci, Fabio}, title = {{StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications}}, booktitle = {Proceedings of the 5th ACM Conference on Data and Application Security and Privacy}, series = {CODASP
FEATURES
ALTERNATIVES
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
Tessian is an AI-powered cloud email security solution that protects against advanced phishing, account compromise, data exfiltration, and helps coach users on email security.
Practical security policy enforcement for Android apps via bytecode rewriting and in-place reference monitor.
An Outlook add-in for reporting suspicious emails to security teams and tracking user behavior during awareness campaigns.
A cyber risk management platform that financially quantifies cyber risks and provides actionable mitigation strategies while integrating with insurance coverage.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
CHIPSEC is a framework for analyzing the security of PC platforms and components, with tools for low-level interfaces and forensic capabilities.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.