From 3d855da1fcef9c0d5e5b198dd75eecaeb51259ac Mon Sep 17 00:00:00 2001 From: Subho Halder Date: Sun, 20 Nov 2016 23:47:48 +0800 Subject: [PATCH 1/4] Added Appknox and Devknox --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 93920a8..8163f5f 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,8 @@ A lot of work is happening in academia and industry on tools to perform dynamic ## ONLINE ANALYZERS -1. [AndroTotal](http://andrototal.org/) +1. [Appknox](https://appknox.com) +* [AndroTotal](http://andrototal.org/) * [Dexter](https://dexter.dexlabs.org/) * [Tracedroid](http://tracedroid.few.vu.nl/) * [Visual Threat](http://www.visualthreat.com/) @@ -35,7 +36,8 @@ A lot of work is happening in academia and industry on tools to perform dynamic ## STATIC ANALYSIS TOOLS -1. [Androwarn](https://github.com/maaaaz/androwarn/) - detect and warn the user about potential malicious behaviours developped by an Android application. +1. [Devknox](https://devknox.io/) - Autocorrect security issues as if it was spell check from your IDE +* [Androwarn](https://github.com/maaaaz/androwarn/) - detect and warn the user about potential malicious behaviours developped by an Android application. * [ApkAnalyser](https://github.com/sonyxperiadev/ApkAnalyser) * [APKInspector](https://github.com/honeynet/apkinspector/) * [Droid Intent Data Flow Analysis for Information Leakage](https://www.cert.org/secure-coding/tools/didfail.cfm) From 243078f6ff10dbaffe7cc011442c1ada629b420b Mon Sep 17 00:00:00 2001 From: Subho Halder Date: Sun, 20 Nov 2016 23:54:51 +0800 Subject: [PATCH 2/4] Group it to `not free` category for Appknox --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8163f5f..9e78926 100644 --- a/README.md +++ b/README.md @@ -8,13 +8,13 @@ A lot of work is happening in academia and industry on tools to perform dynamic ## ONLINE ANALYZERS -1. [Appknox](https://appknox.com) -* [AndroTotal](http://andrototal.org/) +1. [AndroTotal](http://andrototal.org/) * [Dexter](https://dexter.dexlabs.org/) * [Tracedroid](http://tracedroid.few.vu.nl/) * [Visual Threat](http://www.visualthreat.com/) * [Mobile Malware Sandbox](http://www.mobilemalware.com.br/analysis/index_en.php) * [MobiSec Eacus](http://www.mobiseclab.org/eacus.jsp) +* [Appknox](https://appknox.com) - not free * [IBM Security AppScan Mobile Analyzer](https://appscan.bluemix.net/mobileAnalyzer) - not free * [NVISO ApkScan](https://apkscan.nviso.be/) * [AVC UnDroid](http://www.av-comparatives.org/avc-analyzer/) From ed37d50eef6eee770bc74704cc9baa3225b7a26a Mon Sep 17 00:00:00 2001 From: Subho Halder Date: Sun, 20 Nov 2016 23:56:28 +0800 Subject: [PATCH 3/4] Move devknox to app vulnerability scanner rather than a static analysis tool --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 9e78926..3314141 100644 --- a/README.md +++ b/README.md @@ -36,8 +36,7 @@ A lot of work is happening in academia and industry on tools to perform dynamic ## STATIC ANALYSIS TOOLS -1. [Devknox](https://devknox.io/) - Autocorrect security issues as if it was spell check from your IDE -* [Androwarn](https://github.com/maaaaz/androwarn/) - detect and warn the user about potential malicious behaviours developped by an Android application. +1. [Androwarn](https://github.com/maaaaz/androwarn/) - detect and warn the user about potential malicious behaviours developped by an Android application. * [ApkAnalyser](https://github.com/sonyxperiadev/ApkAnalyser) * [APKInspector](https://github.com/honeynet/apkinspector/) * [Droid Intent Data Flow Analysis for Information Leakage](https://www.cert.org/secure-coding/tools/didfail.cfm) @@ -56,9 +55,10 @@ A lot of work is happening in academia and industry on tools to perform dynamic ## APP VULNERABILITY SCANNERS -1. [QARK](https://github.com/linkedin/qark/) - QARK by LinkedIn is for app developers to scan app for security issues -2. [AndroBugs](https://github.com/AndroBugs/AndroBugs_Framework) -3. [Nogotofail](https://github.com/google/nogotofail) +1. [Devknox](https://devknox.io/) - Autocorrect security issues as if it was spell check from your IDE +2. [QARK](https://github.com/linkedin/qark/) - QARK by LinkedIn is for app developers to scan app for security issues +3. [AndroBugs](https://github.com/AndroBugs/AndroBugs_Framework) +4. [Nogotofail](https://github.com/google/nogotofail) ## DYNAMIC ANALYSIS TOOLS From 1299216c3871b371049ac7e56e21855b3ddab6ea Mon Sep 17 00:00:00 2001 From: Subho Halder Date: Mon, 5 Dec 2016 12:55:33 +0530 Subject: [PATCH 4/4] Move devknox to number 4 --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 3314141..b33049e 100644 --- a/README.md +++ b/README.md @@ -55,10 +55,10 @@ A lot of work is happening in academia and industry on tools to perform dynamic ## APP VULNERABILITY SCANNERS -1. [Devknox](https://devknox.io/) - Autocorrect security issues as if it was spell check from your IDE -2. [QARK](https://github.com/linkedin/qark/) - QARK by LinkedIn is for app developers to scan app for security issues -3. [AndroBugs](https://github.com/AndroBugs/AndroBugs_Framework) -4. [Nogotofail](https://github.com/google/nogotofail) +1. [QARK](https://github.com/linkedin/qark/) - QARK by LinkedIn is for app developers to scan app for security issues +* [AndroBugs](https://github.com/AndroBugs/AndroBugs_Framework) +* [Nogotofail](https://github.com/google/nogotofail) +* [Devknox](https://devknox.io/) - Autocorrect security issues as if it was spell check from your IDE ## DYNAMIC ANALYSIS TOOLS