I’ve started some months ago with a post about Androguard and how to use it for reversing of Android apps. Androguard is still one of the most common tools for malware analysis and pentesting of Android apps, but there is a new tool on the horizon that I really want to show you. This tool combines a lot of the tasks that an analyst is facing during his day-to-day work routine in just one UI. The Tool is called Codeinspect and is developed at the Fraunhofer SIT.
Some weeks ago I did a short presentation on this years German OWASP day in Frankfurt and I would like to publish the most important points of our research here as well.
Reversing Android applications is something I’m doing very regularly. Thus, I thought writing some small and simple step by step guides for available tools could be helpful for the community, especially for people that are just starting to work on this topic.
Today I will start with Androguard, but I hope that there will be enough time in the future to continue those guides for other tools.
One of our students has built a great security app for the Android platform with support for crowed intelligence – ContrOWL.
ContrOWL is a security app that helps you find potential threads among your installed apps. It can also check freshly added apps on the fly and notify you if an app is rated as suspicious. ContrOWL also gives you information about top used permissions and broadcast intents of malware apps which should help you to evaluate them.
Please support him and test his app!