From 9d4c6c89966e3e6f241df7fd43b319d94c1d60cc Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Sun, 1 Mar 2015 22:37:07 +0530 Subject: [PATCH 01/15] Initial commit --- README.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..bb170fe --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +# android-security-wiki From b51ac86f510a963601a89ae988c8242a22c26c0a Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Tue, 3 Mar 2015 02:49:44 +0530 Subject: [PATCH 02/15] Update README.md --- README.md | 264 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 263 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index bb170fe..28ac48b 100644 --- a/README.md +++ b/README.md @@ -1 +1,263 @@ -# android-security-wiki +##Forensics Tools + +* [Android Forensics](https://github.com/viaforensics/android-forensics) - Open Source Android Forensics App and Framework + +* [Android Data Extractor Lite](https://github.com/mspreitz/ADEL) + +* [BitPim](http://www.bitpim.org/) - BitPim is a program that allows you to view and manipulate data on many CDMA +phones from LG, Samsung, Sanyo and other manufacturers. + +* [LiME](https://github.com/504ensicsLabs/LiME) - LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. + +* [Open Source Android Forensics](http://www.osaf-community.org/) + +* [P2P-ADB](https://github.com/kosborn/p2p-adb/) - Phone to Phone Android Debug Bridge - A project for "debugging" phones from other phones. + +* [pySimReader](https://www.isecpartners.com/tools/mobile-security/pysimreader.aspx) - It allows users to write out arbitrary raw SMS PDUs to a SIM card. + + +##Development Tools + +* [Android SDK](https://developer.android.com/sdk/index.html) - The Android software development kit (SDK) includes a comprehensive set of development tools. These include a debugger, libraries, a handset emulator based on QEMU, documentation, sample code, and tutorials. + +* [Android NDK](https://developer.android.com/tools/sdk/ndk/index.html) - The NDK is a toolset that allows you to implement parts of your app using native-code languages such as C and C++. + +* [ADT Bundle](https://developer.android.com/sdk/index.html) - The Android Developer Tools(ADT) bundle is a single download that contains everything for developers to start creating Android Application + * Android Studio IDE or Eclipse IDE + * Android SDK tools + * Android 5.0 (Lollipop) Platform + * Android 5.0 emulator system image with Google APIs + +* [Root Tools](https://github.com/Stericson/RootTools) - RootTools provides rooted developers a standardized set of tools for use in the development of rooted applications. + +##Static Analysis Tools + +* [Androwarn](https://github.com/maaaaz/androwarn/):- Yet another static code analyzer for malicious Android applications + +* [ApkAnalyser](https://github.com/sonyxperiadev/ApkAnalyser) - ApkAnalyser is a static, virtual analysis tool for examining and validating the development work of your Android app. + +* [APKInspector](https://github.com/honeynet/apkinspector/) - APKinspector is a powerful GUI tool for analysts to analyze the Android applications. + +* [Error-Prone](https://github.com/google/error-prone) - Catch common Java mistakes as compile-time errors + +* [FlowDroid](http://sseblog.ec-spride.de/tools/flowdroid/) - FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications. + +* [Lint](http://developer.android.com/tools/help/lint.html) - The Android lint tool is a static code analysis tool that checks your Android project source files for potential bugs and optimization improvements for correctness, security, performance, usability, accessibility, and internationalization. + +* [Smali CFGs](https://github.com/EugenioDelfa/Smali-CFGs) - Smali Control Flow Graph's + +* [Smali and Baksmali](https://code.google.com/p/smali/) - smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android's Java VM implementation. + +* [Thresher](http://pl.cs.colorado.edu/projects/thresher/) - Thresher is a static analysis tool that specializes in checking heap reachability properties. Its secret sauce is using a coarse up-front points-to analysis to focus a precise symbolic analysis on the alarms reported by the points-to analysis. + +##Dynamic Analysis Tools + +* [Android Hooker](https://github.com/AndroidHooker/hooker) - This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application. + +* [Droidbox](https://code.google.com/p/droidbox/) - DroidBox is developed to offer dynamic analysis of Android applications + +* [Drozer](https://www.mwrinfosecurity.com/products/drozer/) - Drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS. + +* [Xposed Framework](http://forum.xda-developers.com/xposed/xposed-installer-versions-changelog-t2714053) + + +##Reverse Engineering Tools + +* [Androguard](https://github.com/androguard/androguard) - Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !) + +* [Android loadble Kernel Modules](https://github.com/strazzere/android-lkms) - It is mostly used for reversing and debugging on controlled systems/emulators. + +* [AndBug](https://github.com/swdunlop/AndBug) - Android Debugging Library + +* [ApkTool](https://code.google.com/p/android-apktool/) - A tool for reverse engineering Android Apk Files + +* [Bytecode-Viewer](https://github.com/Konloch/bytecode-viewer) - A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More) + +* [Dex2Jar](https://code.google.com/p/dex2jar/) - Tools to work with android .dex and java .class files + +* [Fino](https://github.com/sysdream/fino) - Android small footprint inspection tool + +* [Introspy-Android](https://github.com/iSECPartners/Introspy-Android) - Blackbox tool to help understand what an Android application is doing at runtime and assist in the identification of potential security issues. + +* [JD-Gui](http://jd.benow.ca/) - Yet another fast Java Decompiler + +* [Simplify](https://github.com/CalebFenton/simplify) - Generic Android Deobfuscator + +* [smali](https://code.google.com/p/smali/) - An assembler/disassembler for Android's dex format + +##Hooking and Instrumentation Tools + +* [ADBI Framework](https://github.com/crmulliner/ddi) - Simple and easy to use toolkit for dynamic instrumentation of Dalvik code. + +* [Cydia Substrate](http://www.cydiasubstrate.com/) - Cydia Substrate for Android enables developers to make changes to existing software with Substrate extensions that are injected in to the target process's memory. + +* [Xposed Framework](http://forum.xda-developers.com/xposed/xposed-installer-versions-changelog-t2714053) - Xposed framework enables you to modify the system or application aspect and behaviour at runtime, without modifying any Android application package(APK) or re-flashing. + +##Online Analyzers + +* [AndroidTotal](http://andrototal.org/) - AndroTotal is a free service to scan suspicious APKs against multiple mobile antivirus apps. + +* [Anubis](http://anubis.iseclab.org/) - Malware Analysis for Unknown Binaries. + +* [App360Scan](http://www.app360scan.com/) - Tells about permissons used by an Application and what harm it can cause to users. + +* [CopperDroid](http://copperdroid.isg.rhul.ac.uk/copperdroid/) - It automatically perform out-of-the-box dynamic behavioral analysis of Android malware. + +* [Dexter](https://dexter.bluebox.com/) - Dexter is an interactive Android software analysis environment with collaboration features. + +* [Mobile Sandbox](http://mobilesandbox.org/) - The Mobile-Sandbox provides static and dynamic malware analysis combined with machine learning techniques for Android applications. + +##Android Testing Distributions + +* [Appie](https://manifestsecurity.com/appie) - A portable software package for Android Pentesting and an awesome alternative to existing Virtual machines. + +* [Android Tamer](https://androidtamer.com) - Android Tamer is a Virtual / Live Platform for Android Security professionals. + +* [AppUse](https://appsec-labs.com/AppUse/) - AppUse is a VM (Virtual Machine) developed by AppSec Labs. + +* [Mobisec](http://sourceforge.net/projects/mobisec/) - +Mobile security testing live environment + +* [Now Secure App Testing Suite:Community Edition](https://www.nowsecure.com/apptesting/community/#viaprotect) + +* [Santoku Linux](https://santoku-linux.com/) - Santoku Linux is a virtual machine developed by NowSecure Mobile. + +##Android Vulnerable Apps/Challenges + +* [Android Challenges of Various Conferences/Events](https://drive.google.com/folderview?id=0B7rtSe_PH_fTWDQ0RC1DeWVoVUE&usp=sharing) + +* [Owasp Goatdroid Project](https://github.com/jackMannino/OWASP-GoatDroid-Project) + +* [ExploitMe labs by SecurityCompass](http://securitycompass.github.io/AndroidLabs/setup.html) + +##Android Malwares Database + +* [Contagio Mini Dump](http://contagiominidump.blogspot.com/) - Contagio mobile mini-dump offers an upload dropbox for you to share your mobile malware samples. + +* [Android Malwares Databases](https://code.google.com/p/androguard/wiki/DatabaseAndroidMalwares) - No Longer Maintained. + +##Tutorials + +* [Android Application Security Series](https://manifestsecurity.com/android-application-security/) - A simple and elaborative series on Android Application Security. Beneficial for Android Security Professionals and Developers. + +* [Android Forensics Course](http://opensecuritytraining.info/AndroidForensics.html) + +* [Introduction to ARM](http://opensecuritytraining.info/IntroARM.html) + + +##Android Vulnerability/Exploit List + +* [Android Vulnerability/Exploit List](https://docs.google.com/spreadsheet/pub?key=0Am5hHW4ATym7dGhFU1A4X2lqbUJtRm1QSWNRc3E0UlE&single=true&gid=0&output=html) + + +##Android Security Libraries + +* [Android Password Store](https://github.com/zeapo/Android-Password-Store) + +* [Android Pinning](https://github.com/moxie0/AndroidPinning) - A standalone library project for certificate pinning on Android. + +* [Conceal By Facebook](https://github.com/facebook/conceal) - Conceal provides easy Android APIs for performing fast encryption and authentication of data. + +* [Dexguard](http://www.saikoa.com/dexguard) - DexGuard is our specialized optimizer and obfuscator for Android. Create apps that are faster, more compact, and more difficult to crack. + +* [Encryption](https://github.com/simbiose/Encryption) - Encryption is a simple way to create encrypted strings to Android project. + +* [CWAC-Security](https://github.com/commonsguy/cwac-security) - Helping You Help Your Users Defend Their Data + +* [IOCipher](https://github.com/guardianproject/IOCipher) - IOCipher is a virtual encrypted disk for apps without requiring the device to be rooted. + +* [NetCipher](https://github.com/guardianproject/NetCipher) - This is an Android Library Project that provides multiple means to improve network security in mobile applications. + +* [OpenPGP API](https://github.com/open-keychain/openpgp-api-lib) - The OpenPGP API provides methods to execute OpenPGP operations, such as sign, encrypt, decrypt, verify, and more without user interaction from background threads. + +* [OWASP Java HTML Sanitizer](https://code.google.com/p/owasp-java-html-sanitizer/) + +* [Proguard](http://proguard.sourceforge.net/) - ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. + +* [Spongy Castle](https://github.com/rtyley/spongycastle) - a repackage of Bouncy Castle for Android + +* [SQL Cipher](https://www.zetetic.net/sqlcipher/sqlcipher-for-android/) - SQLCipher is an open source extension to SQLite that provides transparent 256-bit AES encryption of database files. + +* [Secure Preferences](https://github.com/scottyab/secure-preferences) - Android Shared preference wrapper than encrypts the keys and values of Shared Preferences. + +* [Trusted Intents](https://github.com/guardianproject/TrustedIntents) - Library for flexible trusted interactions between Android apps +##Official Documents + +* [Android Security Overview](http://source.android.com/devices/tech/security/) +* [Android Security Tips for Developers](http://developer.android.com/training/articles/security-tips.html) + + +##Best Practices + +* [Projects/OWASP Mobile Security Project - Top Ten Mobile Controls](https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Controls) +* [PCI Mobile Payment Acceptance +Security Guidelines for Developers](https://www.pcisecuritystandards.org/documents/Mobile%20Payment%20Security%20Guidelines%20v1%200.pdf) + + +##Books + +| Book | Year | Author | Link | +| ------------------------------------------------------------------------------------------- | ---- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------- | +| The Mobile Application Hacker's Handbook | 2015 | Dominic Chell, Tyrone Erasmus, Jon Lindsay, Shaun Colley, Ollie Whitehouse | [Link](http://www.amazon.com/The-Mobile-Application-Hackers-Handbook/dp/1118958500) | +| Android Hacker's Handbook | 2014 | Joshua J. Drake, Zach Lanier, Collin Mulliner, Pau Oliva, Stephen A. Ridley, Georg Wicherski | [Link](http://www.amazon.com/Android-Hackers-Handbook-Joshua-Drake/dp/111860864X) | +| Android Security Internals | 2014 | Nikolay Elenkov | [Link](http://www.nostarch.com/androidsecurity) | +| Learning Pentesting for Android | 2014 | Aditya Gupta | [Link](http://www.amazon.in/Learning-Pentesting-Android-Aditya-Gupta/dp/1783288981) | +| Android Security Cookbook | 2013 | Keith Makan, Scott-Alexander-Brown | [Link](http://www.amazon.com/dp/1782167161/?tag=packtpubli-20) | +| Android Malware | 2013 | Xuxian Jiang, Yajin Zhou | [Link](http://www.amazon.com/Android-Malware-SpringerBriefs-Computer-Science/dp/1461473934/) | +| Android Application Security Essentials | 2013 | Pragati Rai | [Link](http://www.amazon.com/Android-Application-Security-Essentials-Pragati/dp/1849515603/) | +| Hacking Exposed Mobile Security Secrets & Solutions | 2013 | Neil Bergman, Mike Stanfield, Jason Rouse, Joel Scrambay, Sarath Geethakumar, Swapnil Deshmukh, John Steven, Mike Price, Scott Matsumoto | [Link](http://www.amazon.com/Hacking-Exposed-Security-Secrets-Solutions/dp/0071817018/) | +| Android Security: Attacks and Defenses | 2013 | Anmol Misra, Abhishek Dubey | [Link](http://www.amazon.com/Android-Security-Defenses-Anmol-Misra/dp/1439896461/) | +| Mobile Phone Security and Forensics: A Practical Approach | 2012 | I.I. Androulidakis | [Link](http://www.amazon.com/Mobile-Phone-Security-Forensics-SpringerBriefs/dp/1461416493/) | +| Android Apps Security | 2012 | Sheran Gunasekera | [Link](http://www.amazon.com/Android-Apps-Security-Sheran-Gunasekera/dp/1430240628) | +| Decompiling Android | 2012 | Godfrey Nolan | [Link](http://www.amazon.com/Decompiling-Android-Godfrey-Nolan/dp/1430242485/) | +| Mobile Application Security | 2012 | Himanshu Dwivedi, Chris Clark and David Thiel | [Link](http://www.amazon.com/Mobile-Application-Security-Himanshu-Dwivedi/dp/0071633561/) | +| XDA Developers' Android Hacker's Toolkit | 2012 | Jason Tyler, Will Verduzco | [Link](http://www.amazon.com/XDA-Developers-Android-Hackers-Toolkit/dp/1119951380/) | +| Android Forensics: Investigation, Analysis and Mobile Security for Google Android' | 2011 | Andrew Hoog | [Link](http://www.amazon.com/Android-Forensics-Investigation-Analysis-Security/dp/1597496510/) | +| Application Security for the Android Platform: Processes, Permissions, and Other Safeguards | 2011 | Jeff Six | [Link](http://www.amazon.com/Application-Security-Android-Platform-Permissions/dp/1449315070/) | +| Embedded Java Security: Security for Mobile Devices | 2010 | Mourad Debbabi, Mohamed Saleh, Chamseddine Talhi and Sami Zhioua | [Link](http://www.amazon.com/Embedded-Java-Security-Mobile-Devices/dp/1849966230/) | + + +##Android Security Research Papers + +* [Attacks on Android Clipboard](http://www.cis.syr.edu/~wedu/Research/paper/clipboard_attack_dimva2014.pdf) +* [A Study of Android Application Security](http://www.cs.rice.edu/~sc40/pubs/enck-sec11.pdf) +* [Attacks on Webview in the Android System](http://www.cis.syr.edu/~wedu/Research/paper/webview_acsac2011.pdf) +* [Gues who's is Texting you?Evaluating Security of Smartphone Messaging Applications](https://www.sba-research.org/wp-content/uploads/publications/ndss2012_final.pdf) +* [Evaluations of Security Solutions for Android Systems](http://arxiv.org/ftp/arxiv/papers/1502/1502.04870.pdf) +* [Why Eve and Mallory Love Android: +An Analysis of Android SSL (In)Security](http://www2.dcsec.uni-hannover.de/files/android/p50-fahl.pdf) +* [The Impact of Vendor Customizations on Android Security](https://www.cs.ncsu.edu/faculty/jiang/pubs/CCS13.pdf) +* [The Peril of Fragmentation: Security Hazards in +Android Device Driver Customizations](http://www.cs.indiana.edu/~zhou/files/sp14_zhou.pdf) +* [An Empirical Study of Cryptographic Misuse +in Android Applications](http://www.cs.ucsb.edu/~chris/research/doc/ccs13_cryptolint.pdf) +* [Android Permissions:User Attention, Comprehension, and Behavior](http://www.guanotronic.com/~serge/papers/soups12-android.pdf) +* [AppsPlayground: Automatic Security Analysis of +Smartphone Applications](http://www.cs.northwestern.edu/~ychen/Papers/AppsPlayground.pdf) +* [Understanding and Improving App Installation Security +Mechanisms through Empirical Analysis of Android](http://users.encs.concordia.ca/~clark/papers/2012_spsm.pdf) +* [Android Malware Situation](https://www.incibe.es/extfrontinteco/img/File/intecocert/EstudiosInformes/android_malware_situation.pdf) +* [PowerSpy: Location Tracking using Mobile Device Power Analysis](http://arxiv.org/pdf/1502.03182v2) +* [EdgeMiner: Automatically Detecting Implicit +Control Flow Transitions through the Android Framework](http://yinzhicao.org/EdgeMiner/2015_ndss_edgeminer.pdf) +* [Detecting Passive Content Leaks and Pollution in Android Applications ](http://www.yajin.org/papers/ndss13_contentscope.pdf) +* [DIVILAR: Diversifying Intermediate Language for Anti-Repackaging on Android Platform ](http://www.yajin.org/papers/codaspy14_divilar.pdf) +* [ RiskRanker: Scalable and Accurate Zero-day Android Malware Detection](http://www.csc.ncsu.edu/faculty/jiang/pubs/MOBISYS12.pdf) +* [DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces](http://www.csc.ncsu.edu/faculty/jiang/pubs/CODASPY12.pdf) +* [Dissecting Android Malware: Characterization and Evolution](http://www.yajin.org/papers/oakland12_sok.pdf) +* [Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets](http://www.csc.ncsu.edu/faculty/jiang/pubs/NDSS12_DROIDRANGER.pdf) +* [Systematic Detection of Capability Leaks in Stock Android Smartphones](http://www.csc.ncsu.edu/faculty/jiang/pubs/NDSS12_WOODPECKER.pdf) +* [Fast, Scalable Detection of “Piggybacked” Mobile +Applications](http://www.csc.ncsu.edu/faculty/jiang/pubs/CODASPY13.pdf) + + +##Contribute +It is awesome that want to contribute in this wiki, which would directly help the community. Project/Tools which are no longer manintained are not included in this wiki. Please follow one of the ways from below to include tool or resource in this wiki- + +* Tweet the resource to [@exploitprotocol](https://twitter.com/exploitprotocol) + +* Shoot an email to **aditya@manifestsecurity.com** + +* Create a pull request to [Android Security Wiki Repository](https://github.com/exploitprotocol/android-security-wiki) master branch. + +Please let me know if you have any suggestion's From 6dca5f6c15ea49e212866b797dfd54fc1d2e0bea Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Tue, 3 Mar 2015 03:01:33 +0530 Subject: [PATCH 03/15] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 28ac48b..8bdc4ee 100644 --- a/README.md +++ b/README.md @@ -260,4 +260,4 @@ It is awesome that want to contribute in this wiki, which would directly help th * Create a pull request to [Android Security Wiki Repository](https://github.com/exploitprotocol/android-security-wiki) master branch. -Please let me know if you have any suggestion's +Please let me know if you have any suggestions From b8d5aecca5d839e6edad8c208e41e5357867df2e Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Tue, 3 Mar 2015 03:03:42 +0530 Subject: [PATCH 04/15] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8bdc4ee..b6c9c7f 100644 --- a/README.md +++ b/README.md @@ -252,7 +252,7 @@ Applications](http://www.csc.ncsu.edu/faculty/jiang/pubs/CODASPY13.pdf) ##Contribute -It is awesome that want to contribute in this wiki, which would directly help the community. Project/Tools which are no longer manintained are not included in this wiki. Please follow one of the ways from below to include tool or resource in this wiki- +It is awesome to see that you want to contribute in this wiki, which would directly help the community. Project/Tools which are no longer maintained are not included in this wiki. Please follow one of the ways from below to include tool or resource in this wiki- * Tweet the resource to [@exploitprotocol](https://twitter.com/exploitprotocol) From d118002fb8c1e2962571db5e72d04e481066fc84 Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Tue, 3 Mar 2015 03:10:35 +0530 Subject: [PATCH 05/15] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b6c9c7f..5ba6fa2 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,7 @@ phones from LG, Samsung, Sanyo and other manufacturers. * [smali](https://code.google.com/p/smali/) - An assembler/disassembler for Android's dex format -##Hooking and Instrumentation Tools +##Hooking Tools * [ADBI Framework](https://github.com/crmulliner/ddi) - Simple and easy to use toolkit for dynamic instrumentation of Dalvik code. @@ -122,7 +122,7 @@ Mobile security testing live environment * [Santoku Linux](https://santoku-linux.com/) - Santoku Linux is a virtual machine developed by NowSecure Mobile. -##Android Vulnerable Apps/Challenges +##Android Vulnerable Apps * [Android Challenges of Various Conferences/Events](https://drive.google.com/folderview?id=0B7rtSe_PH_fTWDQ0RC1DeWVoVUE&usp=sharing) @@ -145,7 +145,7 @@ Mobile security testing live environment * [Introduction to ARM](http://opensecuritytraining.info/IntroARM.html) -##Android Vulnerability/Exploit List +##Android Vulnerability List * [Android Vulnerability/Exploit List](https://docs.google.com/spreadsheet/pub?key=0Am5hHW4ATym7dGhFU1A4X2lqbUJtRm1QSWNRc3E0UlE&single=true&gid=0&output=html) From b5cba04d291cc028f84db26474a5ee43b19f736e Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Tue, 3 Mar 2015 03:22:57 +0530 Subject: [PATCH 06/15] Update README.md --- README.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 5ba6fa2..01a1cac 100644 --- a/README.md +++ b/README.md @@ -181,14 +181,11 @@ Mobile security testing live environment * [Secure Preferences](https://github.com/scottyab/secure-preferences) - Android Shared preference wrapper than encrypts the keys and values of Shared Preferences. * [Trusted Intents](https://github.com/guardianproject/TrustedIntents) - Library for flexible trusted interactions between Android apps -##Official Documents - -* [Android Security Overview](http://source.android.com/devices/tech/security/) -* [Android Security Tips for Developers](http://developer.android.com/training/articles/security-tips.html) - ##Best Practices +* [Android Security Overview](http://source.android.com/devices/tech/security/) +* [Android Security Tips for Developers](http://developer.android.com/training/articles/security-tips.html) * [Projects/OWASP Mobile Security Project - Top Ten Mobile Controls](https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Controls) * [PCI Mobile Payment Acceptance Security Guidelines for Developers](https://www.pcisecuritystandards.org/documents/Mobile%20Payment%20Security%20Guidelines%20v1%200.pdf) From b53e60687ed1a4b12b0f334200fc3c276f17a090 Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Tue, 3 Mar 2015 21:49:48 +0530 Subject: [PATCH 07/15] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 01a1cac..d876697 100644 --- a/README.md +++ b/README.md @@ -149,6 +149,7 @@ Mobile security testing live environment * [Android Vulnerability/Exploit List](https://docs.google.com/spreadsheet/pub?key=0Am5hHW4ATym7dGhFU1A4X2lqbUJtRm1QSWNRc3E0UlE&single=true&gid=0&output=html) +* [Android CVE Details](http://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-19997/Google-Android.html) ##Android Security Libraries @@ -223,6 +224,7 @@ Security Guidelines for Developers](https://www.pcisecuritystandards.org/documen * [Evaluations of Security Solutions for Android Systems](http://arxiv.org/ftp/arxiv/papers/1502/1502.04870.pdf) * [Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security](http://www2.dcsec.uni-hannover.de/files/android/p50-fahl.pdf) +* * [The Impact of Vendor Customizations on Android Security](https://www.cs.ncsu.edu/faculty/jiang/pubs/CCS13.pdf) * [The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations](http://www.cs.indiana.edu/~zhou/files/sp14_zhou.pdf) From 669f34f6a1c38cf2dda94596415c2a3e5a40f87c Mon Sep 17 00:00:00 2001 From: = <=> Date: Tue, 3 Mar 2015 20:22:19 +0100 Subject: [PATCH 08/15] JEB interactive decompiler added --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index d876697..b79819c 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,8 @@ phones from LG, Samsung, Sanyo and other manufacturers. * [JD-Gui](http://jd.benow.ca/) - Yet another fast Java Decompiler +* [JEB](https://www.pnfsoftware.com/index) - The Interactive Android Decompiler + * [Simplify](https://github.com/CalebFenton/simplify) - Generic Android Deobfuscator * [smali](https://code.google.com/p/smali/) - An assembler/disassembler for Android's dex format From e73668d80d477b91d46f29734eeedfd0280e6e13 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Wed, 4 Mar 2015 20:41:21 +0100 Subject: [PATCH 09/15] Online Android APK Decompiler --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index b79819c..c4016bb 100644 --- a/README.md +++ b/README.md @@ -65,6 +65,8 @@ phones from LG, Samsung, Sanyo and other manufacturers. * [Androguard](https://github.com/androguard/androguard) - Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !) +* [Android APK Decompiler](http://www.decompileandroid.com/) - Decompiling APK files made easy. Online decompiler. + * [Android loadble Kernel Modules](https://github.com/strazzere/android-lkms) - It is mostly used for reversing and debugging on controlled systems/emulators. * [AndBug](https://github.com/swdunlop/AndBug) - Android Debugging Library From 1683e3e750aba16d26ab1542387f58d55b17fa37 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Wed, 4 Mar 2015 20:44:14 +0100 Subject: [PATCH 10/15] Android Sandbox samples --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index c4016bb..6392d7d 100644 --- a/README.md +++ b/README.md @@ -136,6 +136,8 @@ Mobile security testing live environment ##Android Malwares Database +* [Android Sandbox Samples](http://androidsandbox.net/samples/) - Index of Android Sandbox Samples listing many APKs. + * [Contagio Mini Dump](http://contagiominidump.blogspot.com/) - Contagio mobile mini-dump offers an upload dropbox for you to share your mobile malware samples. * [Android Malwares Databases](https://code.google.com/p/androguard/wiki/DatabaseAndroidMalwares) - No Longer Maintained. From f9f13ee37b100813ca8e6a5ec7b98359a0961fa8 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Wed, 4 Mar 2015 20:45:59 +0100 Subject: [PATCH 11/15] Android Sandbox analyzer --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 6392d7d..54ff0ff 100644 --- a/README.md +++ b/README.md @@ -99,6 +99,8 @@ phones from LG, Samsung, Sanyo and other manufacturers. ##Online Analyzers +* [Android Sandbox](http://androidsandbox.net/index.html) - Android Sandbox is a service that allows the dynamic and static analysis of mobile applications. + * [AndroidTotal](http://andrototal.org/) - AndroTotal is a free service to scan suspicious APKs against multiple mobile antivirus apps. * [Anubis](http://anubis.iseclab.org/) - Malware Analysis for Unknown Binaries. From 5c4814a9b4c22067cf58c53d8ecc4fe583b24b93 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Thu, 5 Mar 2015 19:09:45 +0100 Subject: [PATCH 12/15] Virus Bulletion 2014 paper ZIP abuses --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 54ff0ff..0f026ae 100644 --- a/README.md +++ b/README.md @@ -256,6 +256,7 @@ Control Flow Transitions through the Android Framework](http://yinzhicao.org/Edg * [Systematic Detection of Capability Leaks in Stock Android Smartphones](http://www.csc.ncsu.edu/faculty/jiang/pubs/NDSS12_WOODPECKER.pdf) * [Fast, Scalable Detection of “Piggybacked” Mobile Applications](http://www.csc.ncsu.edu/faculty/jiang/pubs/CODASPY13.pdf) +* [Leaving our ZIP undone: how to abuse ZIP to deliver malware apps](https://www.virusbtn.com/pdf/conference/vb2014/VB2014-Panakkal.pdf) ##Contribute From bc1ce8251e815fea8057b40901a4690c010524f7 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Thu, 5 Mar 2015 19:39:44 +0100 Subject: [PATCH 13/15] alternative native Android emulator added --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 0f026ae..e0a0031 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,12 @@ phones from LG, Samsung, Sanyo and other manufacturers. * Android SDK tools * Android 5.0 (Lollipop) Platform * Android 5.0 emulator system image with Google APIs + +* [Native Android Runtime Emulation](https://bitbucket.org/jigsaw_echo/armexec) - A native Android emulator featuring the following functions: + * Full stack support for ELF built by Android NDK. + * Seeminglessly native gdb support. + * Link and load shared library. + * Open to extension of different architecture and C runtime. * [Root Tools](https://github.com/Stericson/RootTools) - RootTools provides rooted developers a standardized set of tools for use in the development of rooted applications. From d6a8a6d8638a696b020e6ede66db050253a08c52 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Thu, 5 Mar 2015 19:49:10 +0100 Subject: [PATCH 14/15] APK Studio for reverse engineering added --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index e0a0031..811d214 100644 --- a/README.md +++ b/README.md @@ -79,6 +79,8 @@ phones from LG, Samsung, Sanyo and other manufacturers. * [ApkTool](https://code.google.com/p/android-apktool/) - A tool for reverse engineering Android Apk Files +* [APK Studio](https://apkstudio.codeplex.com/) - APK Studio is an IDE for decompiling/editing & then recompiling of android application binaries. + * [Bytecode-Viewer](https://github.com/Konloch/bytecode-viewer) - A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More) * [Dex2Jar](https://code.google.com/p/dex2jar/) - Tools to work with android .dex and java .class files From 65256d1869fad365cf649ad3e3aca6f2f0a7cf16 Mon Sep 17 00:00:00 2001 From: Aditya Agrawal Date: Wed, 2 Mar 2016 20:00:13 +0530 Subject: [PATCH 15/15] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 811d214..afc2c98 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ phones from LG, Samsung, Sanyo and other manufacturers. * [pySimReader](https://www.isecpartners.com/tools/mobile-security/pysimreader.aspx) - It allows users to write out arbitrary raw SMS PDUs to a SIM card. -##Development Tools +## Development Tools * [Android SDK](https://developer.android.com/sdk/index.html) - The Android software development kit (SDK) includes a comprehensive set of development tools. These include a debugger, libraries, a handset emulator based on QEMU, documentation, sample code, and tutorials.