Supported Features
APK Reverse Engineering
-
Disassemble Dalvik bytecode into smali bytecode (using baksmali And apktool ) -
Disassemble Dalvik bytecode into java bytecode( enjarify ) -
Decompile APK into Java source code (using jadx )
APK Anti aliasing
-
Anti confusion of APK (Using http://www.apk-deguard.com/ )
APK analysis
-
Parse the smali file for analysis (using smalisca ) -
Dump APK assets, libraries and resources Extract certificate data (using openssl ) -
Extract string and application permissions (use aapt) -
Identify methods and classes (using ClassyShark ) -
Scan for apk vulnerabilities (using androbugs ) -
branch Analysis of APK's potential malicious behavior (using androwarn ) -
Identify compilers, wrappers, and obfuscators (using APKiD ) -
Extract execution path, IP address, URL, URI, e-mail (use regular expression)
APK Manifest analysis
-
Extract Intents -
Extract exported activities -
Extraction receiver -
Extract Exported Receivers -
Fetch Service -
Extract exported services -
Check whether apk can be debugged -
Check whether apk allows backup -
Check whether apk allows sending passwords -
Check Whether APK can receive binary SMS
Domain analysis
-
Perform a domain SSL scan (using pyssltest And testssl ) -
Website fingerprint identification (using whatweb )
safety analysis
-
Based on OWASP Top Mobile Top 10 And Static analysis of source code of OWASP Mobile Apps Checklist -
MARA can execute apk, dex or jar files single or of large number analysis.