• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

xtiankisutsa/MARA_Framework: MARA is a Mobile Application Reverse engineering an ...

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称(OpenSource Name):

xtiankisutsa/MARA_Framework

开源软件地址(OpenSource Url):

https://github.com/xtiankisutsa/MARA_Framework

开源编程语言(OpenSource Language):

Python 95.4%

开源软件介绍(OpenSource Introduction):

MARA_Framework

MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in testing mobile applications against the OWASP mobile security threats. Its objective is to make this task easier and friendlier to mobile application developers and security professionals.

MARA is developed and maintained by @xtian_kisutsa and @iamckn. It is in its very early stages of development and there is a lot more to come, in line with our roadmap. Any contributions and suggestions to the tool will be highly appreciated.

Alt

Features supported

APK Reverse Engineering

  • Disassembling Dalvik bytecode to smali bytecode via baksmali and apktool
  • Disassembling Dalvik bytecode to java bytecode via enjarify
  • Decompiling APK to Java source code via jadx

APK Deobfuscation

APK Analysis

  • Parsing smali files for analysis via smalisca
  • Dump apk assets,libraries and resources
  • Extracting certificate data via openssl
  • Extract strings and app permissions via aapt
  • Identify methods and classes via ClassyShark
  • Scan for apk vulnerabilities via androbugs
  • Analyze apk for potential malicious behaviour via androwarn
  • Identify compilers, packers and obfuscators via APKiD
  • Extract execution paths, IP addresses, URL, URI, emails via regex

APK Manifest Analysis

  • Extract Intents
  • Extract exported activities
  • Extract receivers
  • Extract exported receivers
  • Extract Services
  • Extract exported services
  • Check if apk is debuggable
  • Check if apk allows backups
  • Check if apk allows sending of secret codes
  • Check if apk can receive binary SMS

Domain Analysis

Security Analysis

Additional information about the framework, prerequisites and the installation guide is available on the wiki




鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap