Friday, September 5, 2014

Analysing Android files



In this post I'll simply be listing several tools to analyse (malicious) Android files. 

All tools or scanners listed are free to use.

If you wish to analyze files from the Google Play store without actually installing/downloading them directly to your phone (or, for example, you don't use Android):


If you know of other free tools or scanners for Android files (.apk, .dex), do let me know.



Online tools


AndroTotal









http://andrototal.org/




Anubis (currently discontinued)




http://anubis.iseclab.org/





Apk Analyzer





http://www.apk-analyzer.net/



Apk-deguard









http://apk-deguard.com/






ApkScan











http://apkscan.nviso.be/




Android APK Decompiler







http://www.decompileandroid.com/




AVC UnDroid










http://www.av-comparatives.org/avc-analyzer/



CopperDroid










http://copperdroid.isg.rhul.ac.uk/copperdroid/




Fallible




https://android.fallible.co/



Judge






http://judge.rednaga.io/





Koodous




https://koodous.com/




Reverse.it (Hybrid Analysis)















https://www.reverse.it/



SandDroid







http://sanddroid.xjtu.edu.cn/#





VirusTotal









https://www.virustotal.com/en/






Offline tools


AndroGuard




https://github.com/androguard/androguard/




Androl4b



https://github.com/sh4hin/Androl4b




Android-apktool (APKtool)





https://ibotpeaches.github.io/Apktool/




Android SDK





 http://developer.android.com/sdk/index.html



Android Tamer












https://androidtamer.com/




APKiD






https://github.com/rednaga/APKiD



Apkinspector






https://github.com/honeynet/apkinspector/




CuckooDroid









https://github.com/idanr1986/cuckoo-droid




Dex2jar





http://code.google.com/p/dex2jar/ ( + JD-Gui)




Lobotomy 





https://github.com/LifeForm-Labs/lobotomy



Mobile Security Framework (MobSF)








https://github.com/MobSF/Mobile-Security-Framework-MobSF

3 comments:

  1. The problem is that almost all the apps are in the Google Play store. This forces you to download something to your phone and then scan.There should be a sandbox where you can Download APK and scan it with various tools presented here.


    Again a great article with a lot of online tools!

    Dravy

    ReplyDelete
    Replies
    1. Excellent point Dravy! I've updated my post accordingly.

      Thanks for your comment as well! Cheers.

      Delete
  2. Nice tricks to analysing android file, i use this tricks

    ReplyDelete