DroidBox is developed to offer dynamic analysis of Android applications. The following information is shown in the results, generated when analysis is ended:
- Hashes for the analyzed package
- Incoming/outgoing network data
- File read and write operations
- Started services and loaded classes through DexClassLoader
- Information leaks via the network, file and SMS
- Circumvented permissions
- Cryptography operations performed using Android API
- Listing broadcast receivers
- Sent SMS and phone calls
Additionally, two images are generated visualizing the behavior of the package. One showing the temporal order of the operations and the other one being a treemap that can be used to check similarity between analyzed packages.
Tutorial ::
Download ::
Linux :: Droidbox 4.1.1
Source :: http://code.google.com/p/droidbox/
0 comments :
Post a Comment