On Android app analysis, there are a lot of localization software to do the job,
Just, today we introduce an online security audit, malware (Android app) detection and analysis tools, Mobiseclab,
Since there is less introduction to this tool in China, there are actually very many people who use it silently. Don't believe you. Number of apps upload:
Well, since a short period of time [the earliest sample is actually this year's October 1] so much, see so much is a sample of others, we should try it ourselves:
0x00
First of all, you have to have an account, go to http://akana.mobiseclab.org/register.jsp here to register, note here is the need to invite code, the following is also a hint, you need to send a letter to the laboratory email, and then, They'll assign you an invitation code to reply to your email address [pay attention to writing English!]
Then you will be able to register and then ...
0x01
This is the personal analysis list, and the upload in the upper right corner will continue to upload the app.
The first column state indicates the processing status, the analysis type is now only malware analysis, and the other Secure Assessment (security assessment) is not yet open to the outside.
The right side of the action bar is a few different operations, here will first show you the site to give the report, and then take everyone to see the anti-compiled content →→
Here we will first click on the "GET report" under the Operation Action menu to see an overview of the analysis of this app:
OK. The reports here are labeled with color blocks and their ratings. We have a general summary, and the following will be able to enter a more satisfactory IDE.
Click "Enter IAE" will be able to enter the overall anti-compiled app information, which is presented in a visual IDE, believe that the programming of children's shoes is also more familiar.
The left-hand side is two menus, one is the project browse, the other is the issues, that is, the risk point. Here is a simple screenshot of the picture:
There will be a list of possible risk issues, click on each block, will enter the corresponding code, convenient analysis and debugging [click on the image to see the big picture].
And, in terms of code, there are corresponding functions, variable shortcut operations:
Here the Visual IDE experience is very good, including search, jump, prompt to do is very good, OK, with such a sharp weapon, small partners can try their own analysis.
Article to the end of this, the next to take a detailed sample of the analysis, to step by step to see, wirelessly app is how step by step to erode the user ...
Finally attach url:http://akana.mobiseclab.org/
The content will gradually migrate to personal blogs later.
A lot of other content, please visit the personal blog http://www.chengyafei.cn
Android Security Audit Mobiseclab