Author: Anthony Desnos
Website: http://code.google.com/p/androguard/
Current version: 1.9
Last updated: December 05, 2012
Direct D/L link: https://androguard.googlecode.com/files/androguard-1.9.tar.gz
License type: LGPL
Description
Androguard (Android Guard) is primarily a tool written in full python to play with:
- .class (JavaVM)
- .dex (DalvikVM)
- APK
- JAR
- Android’s binary xml
Features
- Map and manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects
- Diassemble/Decompilation/Modification of DEX/ODEX/APK format
- Decompilation with the first native (directly from dalvik bytecodes to java source codes) dalvik decompiler (DAD)
- Access to static code analysis. Includes basic blocks, instructions, permissions (with database from http://www.android-permissions.org/)
- Allows creating your own static analysis tool
- Analysis a bunch of Android apps
- Analysis with ipython/Sublime Text Editor
- Diffing of Android applications
- Measure the efficiency of obfuscators (proguard, …)
- Determine if your application has been pirated (plagiarism/similarities/rip-off indicator)
- Check if an Android application is present in a database (malwares, goodwares ?)
- Open source database of Android malware (done in limited free time, so help is welcome!)
- Detection of ad/open source librairies (WIP)
- Risk indicator of malicious application
- Reverse engineering of applications (goodwares, malwares)
- Transform Android’s binary xml (like AndroidManifest.xml) into classic xml
- Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output
- Integration with external decompilers (JAD+dex2jar/DED/fernflower/jd-gui…)