Cross-platform static analysis software for analyzing Android Applications
This project was successfully completed through team collaboration during the Project-Based Learning course at Vilnius University.
Team members:
Čepulis Nerijus
Kabišaitytė Evelina
Maciūnas Adrijanas Juozas
Petkevičius Lukas
Our goal is to create a versatile tool for in-depth analysis of Android applications. This software is designed decompile APK files from the Android store, enabling users to conduct thorough investigations into their Java code. Key features include the ability to detect and analyze potentially dangerous code patterns, which are identified based on a specific method, that rewrites dangerous patterns as a list of dangerous patterns detectors.
The analysis results are then articulated in a detailed PDF report. This report includes not only textual information but also graphical representations of dangerous patterns as well as code snippets from our pattern investigation.
Our vision is to empower both experienced and novice users with a robust, user-friendly tool that makes the complex task of static analysis more approachable and effective, contributing to safer Android application development and usage.
-
Contribution Guidelines If you're interested in contributing to this project, please refer to this section for essential information and guidelines.
-
Supported command line arguments Explore this section, to gain insights on each available parameters and their usage.
-
Dangerous patterns detectors Learn about the mechanisms we've implemented for identifying dangerous patterns.
-
Describing dangerous patterns in a json file Enhance your understanding on how to describe dangerous patterns in a structured
JSONformat. -
Project Architecture Overview Get a detailed overview of the project architecture, including the key components and their responsibilities.
These dependencies are automatically included in our program
For dataflow graph generation this dependancy should be installed:
Java version 19 or newer is needed to compile this program!
On Linux, MacOS & Windows versions that support shell scripts
./gradlew build
On windows
gradlew.bat build
Run the generated JAR file
java -jar build/libs/sus.jar
Please make sure to also keep the /tools folder in the root folder of the project!
Example of analysis summmary inside PDF
Example of found permissions list inside PDF
Example of found dangerous pattern Inside PDF