Skip to content

quark-engine/Dangee

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
.github/workflows
.github/workflows
 
 
dangee
dangee
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Pipfile
Pipfile
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

Dangee Framework

Dangee framework provides information of elements (function, variable etc.) in android binaries. Users can therefore, use these information to construct the analysis, find potential malicious activites or security vulnerabilities.

Installation

pip install -U Dangee

QuickStart

from dangee.core import Dangee

d = Dangee("Roaming_Mantis.dex")

Usage

  1. Show all method
d.value
  1. Show Android native API
d.isNative().value
  1. Show self-defined method
d.isSelfDefine().value
  1. Matching method by case-insensitive words
d.isNative().match("package").value

Multi-level match

d.isNative().match("package").match("UsageStats").value
  1. Crossreferences (XREFs)
# XREFs FROM:
m1 = d.isNative().match("usage")
m1.get_xref_from().value

# XREFs TO:
m2 = d.isSelfDefine().match("getTopActivityName$loader_release")
m2.get_xref_to().value
  1. Data flow check
m1 = d.isNative().match("usage")
m2 = d.isNative().match("package")

m1.dataFlowto(m2)

list[ {tuple(method1, method2) : result_of_data_flow_to_found } ]

About

Simple parts to construct your binary analysis

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

2 stars

Watchers

5 watching

Forks

2 forks
Report repository

Releases 3

0.0.3 Latest
Dec 24, 2020
+ 2 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages