DROIDDETECTIVE — ANALYSE ANDROID APPS FOR MALWARE
According to the author, DroidDetective is a Python tool for analyzing Android applications (APKs) for potential malware-related behaviour and configurations. When provided with a path to an application (APK file), DroidDetective makes a prediction (using its ML model) of whether the application is malicious. Features and qualities of DroidDetective include:
- Analysing which of ~330 permissions are specified in the application’s AndroidManifest.xml file.
- Analysing the number of standard and proprietary permissions in use in the application’s AndroidManifest.xml file.
- Using a RandomForest machine learning classifier, trained off the above data, from ~14 malware families and ~100 Google Play Store applications.
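The permission features listed above can be sketched as follows. This is an added example, not DroidDetective's own code: it assumes the manifest has already been decoded to plain-text XML, uses a six-entry permission vocabulary in place of the ~330 the tool checks, and treats names under `android.permission.` as "standard" and everything else as "proprietary". The resulting vector is the kind of row a RandomForest classifier would be trained on.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Small illustrative vocabulary (assumption); the tool described above uses ~330.
KNOWN_PERMISSIONS = [
    "android.permission.INTERNET",
    "android.permission.READ_SMS",
    "android.permission.SEND_SMS",
    "android.permission.RECORD_AUDIO",
    "android.permission.READ_CONTACTS",
    "android.permission.CAMERA",
]

# Constructed sample: a decoded (plain-text) manifest, not taken from a real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.sample">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission-sdk-23 android:name="android.permission.RECORD_AUDIO"/>
    <uses-permission android:name="com.example.vendor.permission.PUSH"/>
    <application android:label="Sample"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the de-duplicated set of permission names a manifest requests."""
    root = ET.fromstring(manifest_xml)
    names = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                names.add(name.strip())
    return names


def feature_vector(manifest_xml):
    """One 0/1 flag per known permission, then standard and proprietary counts."""
    perms = requested_permissions(manifest_xml)
    flags = [1 if p in perms else 0 for p in KNOWN_PERMISSIONS]
    # Assumption: "standard" means the android.permission.* namespace.
    standard = sum(1 for p in perms if p.startswith("android.permission."))
    return flags + [standard, len(perms) - standard]


if __name__ == "__main__":
    print(feature_vector(SAMPLE_MANIFEST))
```

Manifests pulled from untrusted APKs are attacker-controlled input, so a hardened XML parser such as defusedxml is a safer choice than the standard library parser when running this at scale.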
Installing DroidDetective is simple: we first need to clone the GitHub repo.
sudo git clone https://github.com/user1342/DroidDetective.git
Now DroidDetective is fully installed on our system.
You need to provide an Android application to start the scanning process. In my example, I have created an Android APK file with msfvenom and stored it in my document directory. I can run the following command to scan it with DroidDetective.
After an analysis of my Android app, the results show that it contains malware, and that’s true because it was created by msfvenom.
Malware analysis is a good skill to master for any serious ethical hacker as it gives you the necessary skillset to analyze applications for malware. DroidDetective will help you and also make your work easier.
Originally published at https://www.itwithguyo.tk.