-
Notifications
You must be signed in to change notification settings - Fork 159
Project structure overview
Thomas D edited this page May 4, 2019
·
4 revisions
Androwarn has been designed to be as modular as possible. As it consists of an end-to-end analysis-synthesis workflow, its internal structure is organised according to the different component's roles.
At the root of the project you can find those directories :
-
warn: the core system -
_SampleApplication: a sample Android application, concentrating several potential malicious behaviors -
_SampleReports: the HTML and TXT reports for the SampleApplication
As you can find more information for the androguard framework on its [official repository] (https://github.com/androguard/androguard/), I will give some details about the androwarn structure.
-
analysis: responsible for the analysis results aggregation -
constants: maps the integer values recovered from the data-flow analysis with the constant names for several android classes -
core: contains the core algorithm for the data-flow analysis -
report: responsible for the report generation and analysis results filtering according to the user's level -
search: contains all the analysis criteria targeting malicious behaviors and several Android application's components -
util: contains some general and useful functions
-
api: harvest classes and packages lists -
apk: filename and hash for the submitted apk file -
application: get application package name, description and current version -
malicious_behaviours: categories of sought behaviors -
manifest: extract any information included in theAndroidManifest.xmlfile such as required permissions, activities, services etc.
Hbvv