CheckPointSW / Android_unpacker

A (hopefully) generic unpacker for packed Android apps.

Android Unpacker

How does it work?

The tool is a patched version of AOSP with some additional scripts. The scripts start the emulator and install the APK. Following execution, the unpacked version of the DEX is dumped using different hooks. The result is two files; depending on how the targeted packer works, one of them should be the real unpacked DEX file.

Presented at DEF CON 25 (2017) by:

  • Slava Makkaveev
  • Avi Bashan

How to build?

  1. Clone the AOSP project using the following instructions. Use android-6.0.1_r65.
  2. Apply unpacker.patch over <aosp folder>/art using $ git apply (note that your current working directory should be <aosp folder>/art)
  3. Build the AOSP source using $ lunch full-eng

Usage

Execute the following command:

$ ./unpacker.sh <aosp folder> <apk>

The unpacked DEX file will be created in the current working directory.
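
Because the run produces two files and only one of them should be the real DEX, a quick structural check helps decide which dump to load into a decompiler. The following is an added example, not part of the project: it validates the standard DEX header fields (magic, header size, endian tag, declared file size, Adler-32 checksum, SHA-1 signature) for each file given on the command line. The function names are hypothetical, and the dump file names are whatever the run produced.

```python
import hashlib
import struct
import sys
import zlib

HEADER_SIZE = 0x70            # fixed size of the DEX header
ENDIAN_CONSTANT = 0x12345678  # little-endian marker stored at offset 40

def inspect_dex(data: bytes) -> dict:
    """Return structural checks for a candidate DEX image."""
    report = {"magic": False, "header": False, "size": False,
              "adler32": False, "sha1": False}
    if len(data) < HEADER_SIZE:
        return report
    # Magic is "dex\n" + three ASCII digits + NUL, e.g. b"dex\n035\0".
    report["magic"] = (data[:4] == b"dex\n" and data[4:7].isdigit()
                       and data[7] == 0)
    checksum, = struct.unpack_from("<I", data, 8)
    signature = data[12:32]
    file_size, header_size, endian_tag = struct.unpack_from("<III", data, 32)
    report["header"] = (header_size == HEADER_SIZE
                        and endian_tag == ENDIAN_CONSTANT)
    report["size"] = HEADER_SIZE <= file_size <= len(data)
    if report["size"]:
        body = data[:file_size]  # a memory dump may carry trailing bytes
        report["adler32"] = zlib.adler32(body[12:]) & 0xFFFFFFFF == checksum
        report["sha1"] = hashlib.sha1(body[32:]).digest() == signature
    return report

def score(report: dict) -> int:
    """Number of checks passed (0 to 5); higher means more DEX-like."""
    return sum(report.values())

def build_sample_dex() -> bytes:
    """Constructed, header-only DEX image used as self-test input."""
    buf = bytearray(HEADER_SIZE)
    buf[:8] = b"dex\n035\0"
    struct.pack_into("<III", buf, 32, HEADER_SIZE, HEADER_SIZE, ENDIAN_CONSTANT)
    buf[12:32] = hashlib.sha1(bytes(buf[32:])).digest()
    struct.pack_into("<I", buf, 8, zlib.adler32(bytes(buf[12:])) & 0xFFFFFFFF)
    return bytes(buf)

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            rep = inspect_dex(fh.read())
        print(f"{path}: score {score(rep)}/5 {rep}")
```

A dump with valid magic, header and size but a failing checksum or signature is still worth examining: bytes that changed in memory after loading will no longer match the stored values.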

License

Released under "Apache 2.0" license.
