
Adhrit: open source Android APK reversing and analysis tool

Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusiasts alike. The tool aims to cut down the time spent on reversing and basic reconnaissance of Android applications. The project is still in progress and will continue to incorporate features over time.

USES:

  • Extracts the APK contents.
  • Disassembles native libraries.
  • Extracts the jar out of the dex.
  • Extracts source code in Java.
  • Extracts source code in Smali.
  • Recompiles smali into an APK.
  • Signs the APK.
  • Checks for virtual apps/droppers.
  • Checks for bytecode injection points and writes them to a file.
  • Analyzes permissions used by the application.
  • Dumps the Manifest.
  • Dumps the certificate details.
  • Checks for malware footprints in the VirusTotal database.

USAGE:

PRE-REQUISITES:

  • Linux or Mac
  • Java JDK

  1. Download the zip, or clone the package and extract the tool (git clone https://github.com/abhi-r3v0/Adhrit.git).
  2. Place the application in the tool directory.
  3. Open a terminal and cd into the directory.
  4. Run python installer.py to install the necessary tools.
  5. Use python adhrit.py -h for usage help.

Example: python adhrit.py -a my_app.apk

Demo

Solving a simple mobile CTF challenge

Copyright (C) 2018 abhi-r3v0

Source: https://github.com/abhi-r3v0/

 


Anastasis Vasileiadis
