From fbc83a5217b27c4a99295abb82cdab9fa220ec36 Mon Sep 17 00:00:00 2001 From: Gabriel Claudiu Georgiu Date: Mon, 14 Aug 2017 13:36:59 +0200 Subject: [PATCH 1/5] Add RiskInDroid tool --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 5d64a3c..a7a82be 100644 --- a/README.md +++ b/README.md @@ -177,6 +177,7 @@ Misc Tools * [dockerfile/androguard](https://github.com/dweinstein/dockerfile-androguard) * [Android Vulnerability Test Suite](https://github.com/AndroidVTS/android-vts) - android-vts scans a device for set of vulnerabilities * [AppMon](https://github.com/dpnishant/appmon)- AppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida. +* [RiskInDroid](https://github.com/ClaudiuGeorgiu/RiskInDroid) - A tool for calculating the risk of Android apps based on their permissions, with online demo available. ---- # ACADEMIC / RESEARCH / PUBLICATIONS / BOOKS From 5865dae75bc2e153dbb5da88249f570fbb2d03ad Mon Sep 17 00:00:00 2001 From: Gabriel Claudiu Georgiu Date: Tue, 15 Aug 2017 00:33:48 +0200 Subject: [PATCH 2/5] Move RiskInDroid to Static Analysis Tools --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a7a82be..a7f239d 100644 --- a/README.md +++ b/README.md @@ -59,6 +59,7 @@ Static Analysis Tools * [SPARTA](https://www.cs.washington.edu/sparta) - verifies (proves) that an app satisfies an information-flow security policy; built on the [Checker Framework](https://types.cs.washington.edu/checker-framework/) * [ConDroid](https://github.com/JulianSchuette/ConDroid) - Performs a combination of symoblic + concrete execution of the app * [DroidRA](https://github.com/serval-snt-uni-lu/DroidRA) +* [RiskInDroid](https://github.com/ClaudiuGeorgiu/RiskInDroid) - A tool for calculating the risk of Android apps based on their permissions, with online demo available. App Vulnerability Scanners ---- @@ -177,7 +178,6 @@ Misc Tools * [dockerfile/androguard](https://github.com/dweinstein/dockerfile-androguard) * [Android Vulnerability Test Suite](https://github.com/AndroidVTS/android-vts) - android-vts scans a device for set of vulnerabilities * [AppMon](https://github.com/dpnishant/appmon)- AppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida. -* [RiskInDroid](https://github.com/ClaudiuGeorgiu/RiskInDroid) - A tool for calculating the risk of Android apps based on their permissions, with online demo available. ---- # ACADEMIC / RESEARCH / PUBLICATIONS / BOOKS From 8df381ea30a415d53932a76c08d09afa4548a2b9 Mon Sep 17 00:00:00 2001 From: Tormyst Date: Tue, 15 Aug 2017 13:04:28 -0300 Subject: [PATCH 3/5] Fixing link to Drebin dataset --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5d64a3c..ed41a28 100644 --- a/README.md +++ b/README.md @@ -223,7 +223,7 @@ Malware * [Contagio Mobile Malware Mini Dump](http://contagiominidump.blogspot.com) * [VirusTotal Malware Intelligence Service](https://www.virustotal.com/en/about/contact/) - powered by VirusTotal, not free * [Admire](http://admire.necst.it/) -* ~~[Drebin](http://user.informatik.uni-goettingen.de/~darp/drebin/)~~ +* [Drebin](https://www.sec.cs.tu-bs.de/~danarp/drebin/) From da2cc24a1c73109b99a1c39b5e027577fa4ac428 Mon Sep 17 00:00:00 2001 From: Tormyst Date: Tue, 15 Aug 2017 14:05:19 -0300 Subject: [PATCH 4/5] Removing Drebin from awesome_bot check I am not sure why this is here twice, and I was not going to look into fixing the others, but I figured this at least relates to the fix of Drebin's new location. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 5b03fa5..a69d1f5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,4 +4,4 @@ rvm: before_script: - gem install awesome_bot script: - - awesome_bot --white-list 'http://copperdroid.isg.rhul.ac.uk/copperdroid/','http://sanddroid.xjtu.edu.cn/','http://www.foresafe.com/scan','https://github.com/BaiduSecurityLabs/ZjDroid','https://github.com/yangbean9/ZjDroid','https://appanalysis.org/download.html','http://user.informatik.uni-goettingen.de/~darp/drebin/','https://labs.mwrinfosecurity.com/tools/2012/03/16/mercury/' --allow-redirect --files README.md + - awesome_bot --white-list 'http://copperdroid.isg.rhul.ac.uk/copperdroid/','http://sanddroid.xjtu.edu.cn/','http://www.foresafe.com/scan','https://github.com/BaiduSecurityLabs/ZjDroid','https://github.com/yangbean9/ZjDroid','https://appanalysis.org/download.html','https://labs.mwrinfosecurity.com/tools/2012/03/16/mercury/' --allow-redirect --files README.md From 16e48a2dc3116ddd6c6069fe1e01bc8771581004 Mon Sep 17 00:00:00 2001 From: Ashish Bhatia Date: Fri, 18 Aug 2017 13:35:38 -0700 Subject: [PATCH 5/5] Whitelist opencollective.com Whitelist opencollective.com from awesome bot URL checking --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index a69d1f5..69bf116 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,4 +4,4 @@ rvm: before_script: - gem install awesome_bot script: - - awesome_bot --white-list 'http://copperdroid.isg.rhul.ac.uk/copperdroid/','http://sanddroid.xjtu.edu.cn/','http://www.foresafe.com/scan','https://github.com/BaiduSecurityLabs/ZjDroid','https://github.com/yangbean9/ZjDroid','https://appanalysis.org/download.html','https://labs.mwrinfosecurity.com/tools/2012/03/16/mercury/' --allow-redirect --files README.md + - awesome_bot --white-list 'opencollective.com', 'http://copperdroid.isg.rhul.ac.uk/copperdroid/','http://sanddroid.xjtu.edu.cn/','http://www.foresafe.com/scan','https://github.com/BaiduSecurityLabs/ZjDroid','https://github.com/yangbean9/ZjDroid','https://appanalysis.org/download.html','https://labs.mwrinfosecurity.com/tools/2012/03/16/mercury/' --allow-redirect --files README.md