def get_json_report(self):
"""
Get quark report including summary and detail with json format.
:return: json report
"""
w = Weight(
self.quark_analysis.score_sum, self.quark_analysis.weight_sum
)
warning = w.calculate()
# Filter out color code in threat level
for level in ["Low Risk", "Moderate Risk", "High Risk"]:
if level in warning:
warning = level
return {
"md5": self.apkinfo.md5,
"apk_filename": self.apkinfo.filename,
"size_bytes": self.apkinfo.filesize,
"threat_level": warning,
"total_score": self.quark_analysis.score_sum,
"crimes": self.quark_analysis.json_report,
}
def test_calculate(self, data):
score_sum, weight_sum = data
weight_obj = Weight(score_sum, weight_sum)
assert weight_obj.calculate() in [
"\x1b[92mLow Risk\x1b[0m",
"\x1b[33mModerate Risk\x1b[0m",
"\x1b[91mHigh Risk\x1b[0m",
]
def test_calculate_with_value_error(self, expected_failed_data):
score_sum, weight_sum = expected_failed_data
weight_obj = Weight(score_sum, weight_sum)
assert weight_obj.calculate() in [
"\x1b[92mLow Risk\x1b[0m",
"\x1b[33mModerate Risk\x1b[0m",
"\x1b[91mHigh Risk\x1b[0m",
]
def test_calculate_with_unexpected_data(self, unexpected_data):
score_sum, weight_sum = unexpected_data
weight_obj = Weight(score_sum, weight_sum)
assert weight_obj.calculate() in [
"\x1b[92mLow Risk\x1b[0m",
"\x1b[33mModerate Risk\x1b[0m",
"\x1b[91mHigh Risk\x1b[0m",
]
def test_init(self, expected_data):
score_sum, weight_sum = expected_data
weight_obj = Weight(score_sum, weight_sum)
with pytest.raises(TypeError):
_ = Weight()
assert weight_obj.score_sum == score_sum
assert weight_obj.weight_sum == weight_sum
def test_init(self, data):
score_sum, weight_sum = data
weight_obj = Weight(score_sum, weight_sum)
with pytest.raises(TypeError):
weight_obj_no_argu = Weight()
assert weight_obj.score_sum == score_sum
assert weight_obj.weight_sum == weight_sum
assert isinstance(weight_obj, Weight)
def entry_point(summary, detail, apk, rule):
"""Quark is an Obfuscation-Neglect Android Malware Scoring System"""
if summary:
# show summary report
# Load APK
data = XRule(apk)
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = RuleObject(rulepath)
# Run the checker
data.run(rule_checker)
data.show_summary_report(rule_checker)
w = Weight(data.score_sum, data.weight_sum)
print_warning(w.calculate())
print_info("Total Score: " + str(data.score_sum))
print(data.tb)
if detail:
# show summary report
# Load APK
data = XRule(apk)
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
print(rulepath)
rule_checker = RuleObject(rulepath)
# Run the checker
data.run(rule_checker)
data.show_detail_report(rule_checker)
print_success("OK")
def generate_report(self, result):
if not result:
json_report = {
"sample": self.apk_hash,
"size": os.path.getsize(self.apk),
"apk-name": self.apk_name,
"analysis_status": 2,
}
with open( REPORT_PATH + name, "w+") as report_file:
json.dump(json_report, report_file, indent=4)
report_file.close()
return json_report
w = Weight(self.data.score_sum, self.data.weight_sum)
risk = self._check_risk(w.calculate())
json_report={
"sample": self.apk_hash,
"apk-name": self.apk_name,
"size": os.path.getsize(self.apk),
"warnning": risk,
"total-score": self.data.score_sum,
"crimes": self.json_crimes,
"analysis_status": 1,
}
name = self.apk_hash + ".json"
report_path = REPORT_PATH + name
with open( REPORT_PATH + name, "w+") as report_file:
json.dump(json_report, report_file, indent=4)
report_file.close()
return json_report
def entry_point(summary, detail, apk, folder, rule, output, graph,
classification, threshold):
"""Quark is an Obfuscation-Neglect Android Malware Scoring System"""
if apk:
# Load APK
datas = []
datas.append(Quark(apk))
elif folder:
# Load APK Files from specific folder
datas = []
for roots, dirs, files in os.walk(str(folder)):
for f in files:
if f.endswith(".apk"):
datas.append(Quark(os.path.join(roots, f)))
else:
# Set folder to be "./" & Load folder
folder = "./"
datas = []
for roots, dirs, files in os.walk(str(folder)):
for f in files:
if f.endswith(".apk"):
datas.append(Quark(os.path.join(roots, f)))
if summary:
# Show summary report
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
if single_rule.endswith("json"):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
for data in datas:
data.run(rule_checker)
data.show_summary_report(rule_checker, threshold)
for data in datas:
w = Weight(data.quark_analysis.score_sum,
data.quark_analysis.weight_sum)
print_warning(w.calculate())
print_info("Total Score: " + str(data.quark_analysis.score_sum))
print(data.quark_analysis.summary_report_table)
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
if detail:
# Show detail report
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
if single_rule.endswith("json"):
rulepath = os.path.join(rule, single_rule)
print(rulepath)
rule_checker = QuarkRule(rulepath)
# Run the checker
for data in datas:
data.run(rule_checker)
data.show_detail_report(rule_checker)
print_success("OK")
for data in datas:
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
if output:
# show json report
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
if single_rule.endswith("json"):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
for data in datas:
data.run(rule_checker)
data.generate_json_report(rule_checker)
for data in datas:
json_report = data.get_json_report()
with open(output, "w") as file:
json.dump(json_report, file, indent=4)
file.close()
def entry_point(jreport, reports, generate, summary, detail, apk, rule):
"""Quark is an Obfuscation-Neglect Android Malware Scoring System"""
if generate:
# Generate rules
# Load rules
rules_list = os.listdir(rule)
# Load apks
apk_list = os.listdir(apk)
# Pretty Table Output
tb = PrettyTable()
tb.field_names = ["Count", "Rule No.", "crime", "confidence"]
tb.align = "l"
filted_rules = []
# count filting rule amount
rule_count = 0
for apk_file in apk_list:
apk_file = os.path.join(apk, apk_file)
data = XRule(apk_file)
print("Analyzing {} ====".format(apk_file))
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = RuleObject(rulepath)
# Run the checker
data.run(rule_checker)
confidence = data.get_conf(rule_checker)
# only get 100% confidence
if confidence > 4:
tb.add_row([
rule_count, single_rule, rule_checker.crime,
str(confidence * 20) + "%"
])
rule_count += 1
filted_rules.append(single_rule)
# open rule list file
LIST_FILE_PATH = "../android_rule/quark_android_rule/data/"
with open(LIST_FILE_PATH + "rule_list", "w+") as rule_list_file:
rule_list_file.writelines("%s\n" % line for line in filted_rules)
rule_list_file.close()
print(tb)
if reports:
# show summary report
# Load APK
# Load rules
rules_list = os.listdir(rule)
# Loads apks
apk_list = []
try:
apk_list = os.listdir(apk)
except:
a = apk.split('/')[-1]
apk = apk.replace(a, "")
apk_list = [a]
pass
for apk_file in apk_list:
json_crimes = []
apk_file = os.path.join(apk, apk_file)
print("now analyze: " + apk_file)
data = XRule(apk_file)
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = RuleObject(rulepath)
# Run the checker
try:
data.run(rule_checker)
except:
pass
data.show_summary_report(rule_checker)
crime, confidence, score, weight = data.get_json_report(
rule_checker)
if crime == "":
continue
json_crime = {
"_id": str(uuid.uuid4()),
"rule": crime,
"permissions": rule_checker.x1_permission,
"methods": rule_checker.x2n3n4_comb,
"confidence": confidence,
"score": score,
"weight": weight
}
check = True
if json_crime["confidence"] > 0:
for j in json_crimes:
if j["permissions"].sort(
) == json_crime["permissions"].sort():
if j["methods"][0] == json_crime["methods"][
1] and j["methods"][1] == json_crime[
"methods"][0]:
# count += 1
check = False
break
if check:
json_crimes.append(json_crime)
w = Weight(data.score_sum, data.weight_sum)
print_warning(w.calculate())
print_info("Total Score: " + str(data.score_sum))
# If command --json output report by json
if jreport:
sha512 = FileHash("sha512")
f_hash = sha512.hash_file(apk_file)
path = "/Users/pock/quark/quark-engine-web/data/report/"
json_report = {
"_id": str(uuid.uuid4()),
"sample": f_hash,
"apk-name": apk_file.split('/')[-1],
"size": os.path.getsize(apk_file),
"warnning": w.calculate(),
"total-score": data.score_sum,
"last-update": datetime.datetime.now().strftime("%c"),
"crimes": json_crimes
}
name = "report_" + f_hash + ".json"
with open(path + name, "w+") as report_file:
json.dump(json_report, report_file, indent=4)
report_file.close()
# print(data.tb)
if summary:
# show summary report
# Load APK
data = XRule(apk)
# Load rules
rules_list = os.listdir(rule)
json_crimes = []
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = RuleObject(rulepath)
# Run the checker
data.run(rule_checker)
data.show_summary_report(rule_checker)
crime, confidence, score, weight = data.get_json_report(
rule_checker)
json_crime = {
"rule": crime,
"permissions": rule_checker.x1_permission,
"methods": rule_checker.x2n3n4_comb,
"confidence": confidence,
"score": score,
"weight": weight
}
if json_crime["confidence"] > 0:
json_crimes.append(json_crime)
w = Weight(data.score_sum, data.weight_sum)
print_warning(w.calculate())
print_info("Total Score: " + str(data.score_sum))
# If command --json output report by json
if jreport:
sha512 = FileHash("sha512")
f_hash = sha512.hash_file(apk)
path = "/Users/pock/quark/quark-engine-web/data/report/"
json_report = {
"sample": f_hash,
"apk-name": apk.split('/')[-1],
"size": os.path.getsize(apk),
"warnning": w.calculate(),
"total-score": data.score_sum,
"crimes": json_crimes
}
name = "report_" + f_hash + ".json"
with open(path + name, "w+") as report_file:
json.dump(json_report, report_file, indent=4)
print(json.dumps(json_report, indent=4))
report_file.close()
print(data.tb)
if detail:
# show summary report
# Load APK
data = XRule(apk)
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
print(rulepath)
rule_checker = RuleObject(rulepath)
# Run the checker
data.run(rule_checker)
data.show_detail_report(rule_checker)
print_success("OK")
def entry_point(summary, detail, apk, rule, output, graph, classification):
"""Quark is an Obfuscation-Neglect Android Malware Scoring System"""
if summary:
# show summary report
# Load APK
data = Quark(apk)
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
if single_rule.endswith("json"):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
data.show_summary_report(rule_checker)
w = Weight(data.quark_analysis.score_sum,
data.quark_analysis.weight_sum)
print_warning(w.calculate())
print_info("Total Score: " + str(data.quark_analysis.score_sum))
print(data.quark_analysis.summary_report_table)
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
if detail:
# show summary report
# Load APK
data = Quark(apk)
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
if single_rule.endswith("json"):
rulepath = os.path.join(rule, single_rule)
print(rulepath)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
data.show_detail_report(rule_checker)
print_success("OK")
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
if output:
# show json report
# Load APK
data = Quark(apk)
# Load rules
rules_list = os.listdir(rule)
for single_rule in tqdm(rules_list):
if single_rule.endswith("json"):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
data.generate_json_report(rule_checker)
json_report = data.get_json_report()
with open(output, "w") as f:
json.dump(json_report, f, indent=4)
f.close()
def entry_point(
summary,
detail,
rule_generation,
apk,
rule,
output,
webreport,
graph,
classification,
threshold,
list,
permission,
label,
comparison,
core_library,
num_of_process,
):
"""Quark is an Obfuscation-Neglect Android Malware Scoring System"""
# Load rules
rule_buffer_list = []
rule_filter = summary or detail
# Determine the location of rules
if rule_filter and rule_filter.endswith("json"):
if not os.path.isfile(rule_filter):
print_warning(
f"Specified rule not found.\n"
f"If you want to specify one of the rules of Quark-Rule, "
f"use {yellow(f'{config.DIR_PATH}/{rule_filter}')} "
f"as an argument.")
return
rule_path_list = [rule_filter]
else:
rule_path_list = [
os.path.join(dir_path, file)
for dir_path, _, file_list in os.walk(rule) for file in file_list
if file.endswith("json")
]
# Load rules into memory
update_rule_buffer(rule_buffer_list, rule_path_list)
# Determine if the user provide a rule label
if (rule_filter and rule_filter != "all_rules"
and not rule_filter.endswith("json")):
rule_checker_list = [
rule_checker for rule_checker in rule_buffer_list
if rule_filter in rule_checker.label
]
else:
rule_checker_list = rule_buffer_list
if comparison:
# selection of labels on which it will be done the comparison on radar chart
# first look for all label found in the rule list
all_labels = set() # array type, e.g. ['network', 'collection']
for rule_checker in rule_checker_list:
all_labels.update(rule_checker.label)
# let user choose a list of label on which it will be performed the analysis
selected_label = np.array(
select_label_menu(all_labels, min_labels=5, max_labels=15))
# perform label based analysis on the apk_
malware_confidences = {}
for apk_ in apk:
data = (ParallelQuark(apk_, core_library, num_of_process)
if num_of_process > 1 else Quark(apk_, core_library))
all_labels = {}
# dictionary containing
# key: label
# value: list of confidence values
# $ print(all_rules["accessibility service"])
# > [60, 40, 60, 40, 60, 40]
# analyse malware only on rules where appears label selected
rule_checker_list = [
rule_checker for rule_checker in rule_buffer_list
if len(np.intersect1d(rule_checker.label, selected_label)) != 0
]
if num_of_process > 1:
data.apply_rules(rule_checker_list)
for rule_checker in tqdm(rule_checker_list):
# Run the checker
data.run(rule_checker)
confidence = rule_checker.check_item.count(True) * 20
labels = (rule_checker.label
) # array type, e.g. ['network', 'collection']
for single_label in labels:
if single_label in all_labels:
all_labels[single_label].append(confidence)
else:
all_labels[single_label] = [confidence]
# extrapolate data used to plot radar chart
radar_data = {}
for _label in selected_label:
confidences = np.array(all_labels[_label])
# on radar data use the maximum confidence for a certain label
radar_data[_label] = np.max(confidences)
radar_confidence = [
value_ for _label, value_ in radar_data.items()
]
malware_confidences[apk_.split("/")[-1]] = radar_confidence
show_comparison_graph(
title=f"Malicious Actions Comparison Between {len(apk)} Malwares",
lables=selected_label,
malware_confidences=malware_confidences,
font_size=22,
)
return
# Load APK
data = (ParallelQuark(apk[0], core_library, num_of_process)
if num_of_process > 1 else Quark(apk[0], core_library))
if label:
all_labels = {}
# dictionary containing
# key: label
# value: list of confidence values
# $ print(all_rules["accessibility service"])
# > [60, 40, 60, 40, 60, 40]
if num_of_process > 1:
data.apply_rules(rule_buffer_list)
for rule_checker in tqdm(rule_buffer_list):
# Run the checker
data.run(rule_checker)
confidence = rule_checker.check_item.count(True) * 20
labels = (rule_checker.label
) # array type, e.g. ['network', 'collection']
for single_label in labels:
if single_label in all_labels:
all_labels[single_label].append(confidence)
else:
all_labels[single_label] = [confidence]
# get how many label with max confidence >= 80%
counter_high_confidence = sum(
max(value) >= 80 for single_label, value in all_labels.items())
print_info(f"Total Label found: {yellow(len(all_labels))}")
print_info(
f"Rules with label which max confidence >= 80%: {yellow(counter_high_confidence)}"
)
data.show_label_report(rule, all_labels, label)
print(data.quark_analysis.label_report_table)
# Show summary report
if summary:
if isinstance(data, ParallelQuark):
data.apply_rules(rule_checker_list)
for rule_checker in tqdm(rule_checker_list):
# Run the checker
data.run(rule_checker)
data.show_summary_report(rule_checker, threshold)
w = Weight(data.quark_analysis.score_sum,
data.quark_analysis.weight_sum)
print_warning(w.calculate())
print_info(f"Total Score: {data.quark_analysis.score_sum}")
print(data.quark_analysis.summary_report_table)
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph(graph)
# Show detail report
if detail:
threshold_number = int(threshold) if threshold else 0
if isinstance(data, ParallelQuark):
data.apply_rules(rule_checker_list)
for rule_checker in tqdm(rule_checker_list):
# Run the checker
data.run(rule_checker)
confidence = rule_checker.check_item.count(True) * 20
if confidence >= threshold_number:
print(f"Rulepath: "
f"{os.path.join(rule, rule_checker.rule_filename)}")
print(f"Rule crime: {rule_checker.crime}")
data.show_detail_report(rule_checker)
print_success("OK")
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
if rule_generation:
generator = RuleGeneration(apk[0], rule_generation)
if webreport:
if ".html" not in webreport:
webreport = f"{webreport}.html"
webreport_file = os.path.join(rule_generation, webreport)
generator.generate_rule(web_editor=webreport_file)
else:
generator.generate_rule()
# Show JSON report
if output:
if isinstance(data, ParallelQuark):
data.apply_rules(rule_buffer_list)
for rule_checker in tqdm(rule_buffer_list):
# Run the checker
data.run(rule_checker)
data.generate_json_report(rule_checker)
json_report = data.get_json_report()
with open(output, "w") as file:
json.dump(json_report, file, indent=4)
file.close()
# Generate web report
if webreport:
if summary or detail:
for rule_checker in tqdm(rule_buffer_list):
data.generate_json_report(rule_checker)
json_report = data.get_json_report()
report_html = ReportGenerator(
json_report).get_analysis_report_html()
if ".html" not in webreport:
webreport = f"{webreport}.html"
with open(webreport, "w") as file:
file.write(report_html)
file.close()
if list:
if list == "all":
for all_method in data.apkinfo.all_methods:
print(all_method.full_name)
if list == "native":
for api in data.apkinfo.android_apis:
print(api.full_name)
if list == "custom":
for custom_method in data.apkinfo.custom_methods:
print(custom_method.full_name)
if permission:
for p in data.apkinfo.permissions:
print(p)
if isinstance(data, ParallelQuark):
data.close()
def entry_point(
summary, detail, apk, rule, output, graph, classification, threshold, list
):
"""Quark is an Obfuscation-Neglect Android Malware Scoring System"""
# Load APK
data = Quark(apk)
# Load rules
rules_list = [x for x in os.listdir(rule) if x.endswith("json")]
# Show summary report
if summary:
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
data.show_summary_report(rule_checker, threshold)
w = Weight(data.quark_analysis.score_sum, data.quark_analysis.weight_sum)
print_warning(w.calculate())
print_info("Total Score: " + str(data.quark_analysis.score_sum))
print(data.quark_analysis.summary_report_table)
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
# Show detail report
if detail:
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
print(rulepath)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
data.show_detail_report(rule_checker)
print_success("OK")
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
# Show JSON report
if output:
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
data.generate_json_report(rule_checker)
json_report = data.get_json_report()
with open(output, "w") as file:
json.dump(json_report, file, indent=4)
file.close()
if list:
for api in data.apkinfo.android_apis:
print(api.full_name)
def entry_point(
summary,
detail,
apk,
rule,
output,
graph,
classification,
threshold,
list,
permission,
label,
):
"""Quark is an Obfuscation-Neglect Android Malware Scoring System"""
# Load APK
data = Quark(apk)
# Load rules
rules_list = [x for x in os.listdir(rule) if x.endswith("json")]
if label:
all_labels = {}
# dictionary containing
# key: label
# value: list of confidence values
# $ print(all_rules["accessibility service"])
# > [60, 40, 60, 40, 60, 40]
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
confidence = rule_checker.check_item.count(True) * 20
labels = rule_checker._label # array type, e.g. ['network', 'collection']
for single_label in labels:
if single_label in all_labels:
all_labels[single_label].append(confidence)
else:
all_labels[single_label] = [confidence]
# get how many label with max confidence >= 80%
counter_high_confidence = 0
for single_label in all_labels:
if max(all_labels[single_label]) >= 80:
counter_high_confidence += 1
print_info("Total Label found: " + yellow(str(len(all_labels))))
print_info("Rules with label which max confidence >= 80%: " +
yellow(str(counter_high_confidence)))
data.show_label_report(rule, all_labels, label)
print(data.quark_analysis.label_report_table)
# Show summary report
if summary:
if summary == "all_rules":
label_flag = False
elif summary.endswith("json"):
rules_list = [summary]
label_flag = False
else:
label_flag = True
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
labels = rule_checker._label
if label_flag:
if summary not in labels:
continue
# Run the checker
data.run(rule_checker)
data.show_summary_report(rule_checker, threshold)
w = Weight(data.quark_analysis.score_sum,
data.quark_analysis.weight_sum)
print_warning(w.calculate())
print_info("Total Score: " + str(data.quark_analysis.score_sum))
print(data.quark_analysis.summary_report_table)
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
# Show detail report
if detail:
if detail == "all_rules":
label_flag = False
elif detail.endswith("json"):
rules_list = [detail]
label_flag = False
else:
label_flag = True
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
labels = rule_checker._label
if label_flag:
if detail not in labels:
continue
# Run the checker
data.run(rule_checker)
print("Rulepath: " + rulepath)
print("Rule crime: " + rule_checker._crime)
data.show_detail_report(rule_checker)
print_success("OK")
if classification:
data.show_rule_classification()
if graph:
data.show_call_graph()
# Show JSON report
if output:
for single_rule in tqdm(rules_list):
rulepath = os.path.join(rule, single_rule)
rule_checker = QuarkRule(rulepath)
# Run the checker
data.run(rule_checker)
data.generate_json_report(rule_checker)
json_report = data.get_json_report()
with open(output, "w") as file:
json.dump(json_report, file, indent=4)
file.close()
if list:
if list == "all":
for all_method in data.apkinfo.all_methods:
print(all_method.full_name)
if list == "native":
for api in data.apkinfo.android_apis:
print(api.full_name)
if list == "custom":
for custom_method in data.apkinfo.custom_methods:
print(custom_method.full_name)
if permission:
for p in data.apkinfo.permissions:
print(p)