rudinyu/Android-Malware-Sandbox


Android Malware Sandbox

This project aims to provide a simple, configurable and modular sandbox for quickly running known or unknown families of Android malware and logging what they do.

Requirements

An emulator created with AVD works best. I personally use an AVD emulator with Android 7.0, without Google APIs, arch x86_64. Images without Google APIs are the ones that allow adb root and a writable /system, which is what you need to run frida-server as root and to install a CA certificate into the system store.

pip3 install -r requirements.txt
sudo npm install -g frida-compile
npm install

Usage:

python3 main.py <file(s) to analyse>

How it works

The sandbox is tested on an Android 7 emulator.

It spawns the emulator, installs what Frida needs on the device (frida-server), starts a mitmproxy instance and installs its CA certificate on the device so that HTTPS traffic can be intercepted. It then installs the applications one by one and logs their behaviour according to your configuration. Keep in mind that since Android 7, apps do not trust user-added CAs by default, so the mitmproxy certificate has to end up in the system store (hence the rooted, non-Google-APIs image), and apps that pin their certificates will still refuse to talk through the proxy.

To configure your analysis, edit the config file located at config/config.ini.

Customizing

You can easily add a plugin to the plugins folder to hook additional calls automatically; whatever the hooks capture is then saved to the database.
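The following is an added example, not code from this project, showing the host-side half of the plugin model described in "How it works" and "Customizing": a Frida agent (the JavaScript side, compiled with frida-compile) reports hooked calls with send(), and the Python side filters those messages against an INI config and stores them in a SQLite table. The message payload keys (plugin, api, args), the [hooks] config section and the table layout are assumptions for illustration; the outer message shape ({'type': 'send', 'payload': ...} / {'type': 'error', ...}) is the one frida's Python binding hands to an on('message') handler. The config text and messages are constructed inline so the example runs offline.

```python
"""Added example (not the project's own code): normalise Frida hook
messages and persist them to SQLite, driven by an INI config."""
import configparser
import json
import sqlite3

# Constructed config in the style of config/config.ini; the [hooks] section
# and the "enabled" key are assumptions, not the project's real schema.
SAMPLE_CONFIG = """
[hooks]
enabled = crypto, network
"""

# Arguments longer than this are truncated before storage so a malware
# sample that passes a multi-megabyte blob cannot bloat the database.
MAX_ARG_LEN = 512

# Constructed messages in the shape frida's Python binding delivers them:
# send() in the agent -> {'type': 'send', 'payload': ...}; an uncaught
# exception in the agent -> {'type': 'error', ...}. Payload keys are assumed.
SAMPLE_MESSAGES = [
    {"type": "send", "payload": {"plugin": "crypto",
                                 "api": "javax.crypto.Cipher.getInstance",
                                 "args": ["AES/ECB/PKCS5Padding"]}},
    {"type": "send", "payload": {"plugin": "network",
                                 "api": "java.net.URL.openConnection",
                                 "args": ["http://example.invalid/c2"]}},
    {"type": "send", "payload": {"plugin": "filesystem",
                                 "api": "java.io.FileOutputStream.<init>",
                                 "args": ["/data/data/com.example.bad/x.dex"]}},
    {"type": "error", "description": "TypeError: cannot read property"},
]


def enabled_plugins(config_text):
    """Parse the comma-separated list of plugins the analyst switched on."""
    cfg = configparser.ConfigParser()
    cfg.read_string(config_text)
    raw = cfg.get("hooks", "enabled", fallback="")
    return {p.strip() for p in raw.split(",") if p.strip()}


def open_db(path=":memory:"):
    """Open the behaviour database and make sure the calls table exists."""
    db = sqlite3.connect(path)
    db.execute("""CREATE TABLE IF NOT EXISTS calls (
        id INTEGER PRIMARY KEY, package TEXT, plugin TEXT, api TEXT, args TEXT)""")
    return db


def on_message(db, package, enabled, message):
    """Handle one message from the agent. Returns True if it was stored."""
    if message.get("type") != "send":
        # Agent-side errors are not app behaviour; report, do not store.
        print("agent error:", message.get("description"))
        return False
    payload = message["payload"]
    if payload.get("plugin") not in enabled:
        return False  # plugin disabled in config.ini
    args = [str(a)[:MAX_ARG_LEN] for a in payload.get("args", [])]
    db.execute("INSERT INTO calls (package, plugin, api, args) VALUES (?, ?, ?, ?)",
               (package, payload["plugin"], payload["api"], json.dumps(args)))
    db.commit()
    return True


def record_session(package, config_text, messages, db=None):
    """Feed a whole message stream through on_message; return (db, stored)."""
    db = db or open_db()
    enabled = enabled_plugins(config_text)
    stored = sum(on_message(db, package, enabled, m) for m in messages)
    return db, stored


def calls_for(db, package):
    """Read back the stored behaviour of one package, in capture order."""
    rows = db.execute("SELECT plugin, api, args FROM calls WHERE package = ? ORDER BY id",
                      (package,)).fetchall()
    return [(plugin, api, json.loads(args)) for plugin, api, args in rows]


if __name__ == "__main__":
    db, n = record_session("com.example.bad", SAMPLE_CONFIG, SAMPLE_MESSAGES)
    print(n, "calls stored")
    for row in calls_for(db, "com.example.bad"):
        print(row)
```

In a real session the handler would be registered with script.on('message', lambda msg, data: on_message(db, package, enabled, msg)) on the frida Script object, and the agent would be loaded per installed package; the filtering-by-config and storage logic stays the same.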

TODOs:

  • Improve reports
