MADLIRA – Malware detection using learning and information retrieval for Android

MADLIRA is a tool for Android malware detection. It consists of two components: a TFIDF component and an SVM learning component. In general, it takes as input a set of malwares and benwares and then extracts the malicious behaviors (TFIDF component) or computes a training model (SVM classifier). Then, it uses this knowledge to detect malicious behaviors in an Android application.

Installing

Download the file MADLIRA.7z and decompress it.

Installed Data:
MADLIRA.jar is the main application.
noAPI.txt declares the prefix of APIs.
family.txt lists malwares by family.
Folder TrainData contains the training configuration and training model.
Folder Samples contains sample data.
Folder TempData contains data for kernel computation.

Functionality

This tool has two main components: the TFIDF component and the SVM component.

TFIDF component

Command: MADLIRA TFIDF

For this component, there are two functions: the training function (malicious behavior extraction) and the test function (malicious behavior detection).

Malicious behavior extraction

Collect benign applications and malicious applications and put them in folders named benignApkFolder and maliciousApkFolder, respectively.

Prepare the training data and pack it into two files named benignPack and maliciousPack by using the command:

    MADLIRA TFIDF packAPK -PB benignApkFolder -B benignPack -PM maliciousApkFolder -M maliciousPack

Extract malicious behaviors from the two packed files (benignPack and maliciousPack) by using the command:

    MADLIRA TFIDF train -B benignPack -M maliciousPack

Malicious behavior detection

Collect new applications and put them in a folder named checkApk.

Detect malicious behaviors of the applications in the folder checkApk by using the command:

    MADLIRA TFIDF check -S checkApk

Command:

MADLIRA TFIDF train
    Compute the malicious specifications for given training data.
    -B <filename>: the archive file contains all graphs of training benwares.
    -M <filename>: the archive file contains all categories of training malwares.

MADLIRA TFIDF check <Options>
    Check malicious behaviors in the given applications in a folder.
    -S <folder>: the folder contains all applications (apk files).

MADLIRA TFIDF test <Options>
    Test the classifier for a given test data.
    -S <folder>: the folder contains all graphs for testing.

MADLIRA TFIDF clear
    Clean all training data.

MADLIRA TFIDF install
    Clean old training data and install new data for training.
    -B <filename>: the archive file contains all graphs of training benwares.
    -M <filename>: the archive file contains all categories of training malwares.

Examples:

Training new data:

First collect training applications (APK files) and store them in folders named MalApkFolder and BenApkFolder.

Pack the training applications into archive files named MalPack and BenPack by using this command:

    MADLIRA TFIDF packAPK -PB BenApkFolder -B BenPack -PM MalApkFolder -M MalPack

Clean old training data:

    MADLIRA TFIDF clear

Compute the malicious graphs from the training packs (BenPack and MalPack):

    MADLIRA TFIDF train -B BenPack -M MalPack

Checking new applications:

Put these applications in a folder named checkApk and use this command:

    MADLIRA TFIDF check -S checkApk

SVM component

Command: MADLIRA SVM

For this component, there are two functions: the training function and the test function.

Training phase

Collect benign applications in a folder named benignApkFolder and malicious applications in a folder named maliciousApkFolder.

Prepare the training data by using the command:

    MADLIRA SVM packAPK -PB benignApkFolder -B benignPack -PM maliciousApkFolder -M maliciousPack

Compute the training model with this command:

    MADLIRA SVM train -B benignPack -M maliciousPack

Malicious behavior detection

Collect new applications and put them in a folder named checkApk.

Detect malicious behaviors of the applications in the folder checkApk by using the command:

    MADLIRA SVM check -S checkApk

Command:

MADLIRA SVM train <Options>
    Compute the classifier for given training data.
    -T <T>: max length of the common walks (default value = 3).
    -l <lambda>: lambda value to control the importance of length of walks (default value = 0.4).
    -B <filename>: the archive file contains all graphs of training benwares.
    -M <filename>: the archive file contains all graphs of training malwares.

MADLIRA SVM check <Options>
    Check malicious behaviors in the applications in a folder.
    -S <foldername>: the folder contains all apk files.

MADLIRA SVM test <Options>
    Test the classifier for given graph data.
    -S <foldername>: the folder contains all graphs of test data.
    -n <n>: the number of test samples.

MADLIRA SVM clear
    Clean all training data.

Packages:

This tool uses the following packages:
apktool-2.2.1 (https://ibotpeaches.github.io/Apktool/)
ojalgo-41.0.0 (https://github.com/optimatika/ojAlgo)
libsvm (http://www.csie.ntu.edu.tw/~cjlin/libsvm/)

References

Khanh Huu The Dam and Tayssir Touili. Extracting Android Malicious Behaviors. In Proceedings of ForSE 2017.
Khanh Huu The Dam and Tayssir Touili. Learn Android malware. In Proceedings of IWSMA@ARES 2017.

Link: http://feedproxy.google.com/~r/PentestTools/~3/067FoTnPUjg/madlira-malware-detection-using.html

DVHMA – Damn Vulnerable Hybrid Mobile App (For Android) That Intentionally Contains Vulnerabilities

Damn Vulnerable Hybrid Mobile App (DVHMA) is a hybrid mobile app (for Android) that intentionally contains vulnerabilities. Its purpose is to enable security professionals to test their tools and techniques legally and to help developers better understand the common pitfalls in developing hybrid mobile apps securely.

Motivation and Scope

This app is developed to study pitfalls in developing hybrid apps securely, e.g., using Apache Cordova or SAP Kapsel. Currently, the main focus is to develop a deeper understanding of injection vulnerabilities that exploit the JavaScript to Java bridge.

Installation

Prerequisites

We assume that the Android SDK (https://developer.android.com/sdk/index.html) and Apache Cordova (https://cordova.apache.org/), version 6.3.0 or later, are installed.

Moreover, we assume a basic familiarity with the build system of Apache Cordova.

Building DVHMA

Setting Environment Variables

    export ANDROID_HOME=
    export PATH=$ANDROID_HOME/tools:$PATH
    export PATH=$ANDROID_HOME/platform-tools:$PATH

Compiling DVHMA

    cd DVHMA-Featherweight
    cordova plugin add ../plugins/DVHMA-Storage
    cordova plugin add ../plugins/DVHMA-WebIntent
    cordova platform add android
    cordova compile android

Running DVHMA in an Emulator

    cordova run android

Team Members

The development of this application started as part of the project ZertApps. ZertApps was a collaborative research project funded by the German Ministry for Research and Education. It is now developed and maintained by the Software Assurance & Security Research Team at The University of Sheffield, UK.

The core developers of DVHMA are:
Achim D. Brucker
Michael Herzberg

Publications

Achim D. Brucker and Michael Herzberg. On the Static Analysis of Hybrid Mobile Apps: A Report on the State of Apache Cordova Nation. In International Symposium on Engineering Secure Software and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages 72-88, Springer-Verlag, 2016. https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016 doi: 10.1007/978-3-319-30806-7_5

Link: http://feedproxy.google.com/~r/PentestTools/~3/blm_ZImRphM/dvhma-damn-vulnerable-hybrid-mobile-app.html

Best Voice to Text Apps for Android

Speech recognition technology has improved a lot in recent years. This is the reason Google, Amazon and other big companies have started putting more money into it. We have already seen Google Home, Alexa, Google voice search and similar services that rely on voice recognition. This is the reason people have started looking for more […]
The post Best Voice to Text Apps for Android appeared first on UseThisTip.

Link: http://feedproxy.google.com/~r/blogspot/csAFg/~3/wlzkWiAR73w/best-voice-to-text-apps-for-android.html

Best Free Karaoke Apps for Android 2018

People like to sing. A few are just bathroom singers because they do not feel comfortable singing in front of others. A few people do it comfortably and like to show their singing talent to others. If you are into any kind of singing, a Karaoke app is for you. I am sure you have already seen […]
The post Best Free Karaoke Apps for Android 2018 appeared first on UseThisTip.

Link: http://feedproxy.google.com/~r/blogspot/csAFg/~3/3IEB4h0Blsw/best-free-karaoke-apps-android.html

BootStomp – Find Android Bootloader Vulnerabilities

BootStomp is a Python-based tool with Docker support that helps you find two different classes of Android bootloader vulnerabilities and bugs. It looks for memory corruption and state storage vulnerabilities.

Note that BootStomp works with bootloaders compiled for ARM architectures (both 32-bit and 64-bit) and that results might vary slightly depending on the versions of angr and Z3. This is because of the time angr takes to analyze basic blocks and because of Z3’s expression concretization results.
Read the rest of BootStomp – Find Android Bootloader Vulnerabilities now! Only available at Darknet.

Link: https://www.darknet.org.uk/2018/02/bootstomp-find-android-bootloader-vulnerabilities/

5 Best iPhone Launchers for Android

Android is the most popular mobile operating system, but the iPhone has always been a wish of many people. Apple’s iPhones come with iOS, which not only performs better but also offers a clean look. But the problem with the iPhone is its high cost. The recent iPhone X costs more than $1000. That makes it unaffordable for […]
The post 5 Best iPhone Launchers for Android appeared first on UseThisTip.

Link: http://feedproxy.google.com/~r/blogspot/csAFg/~3/KqhNHVZI-74/best-iphone-launchers-android.html