Caleb Fenton
This change would mean adding options or configuration to change the execution order of methods to reproduce the order they might be executed on an Android system. Right now, the...
The methods:
- `Ljava/lang/Class;->getClassLoader()Ljava/lang/ClassLoader;`
- `Ljava/security/AccessController;->doPrivileged(Ljava/security/PrivilegedAction;)Ljava/lang/Object;`
- `Ljava/lang/Class;->newInstance()Ljava/lang/Object;`
- `Ljava/lang/ClassLoader;->loadClass(Ljava/lang/String;)Ljava/lang/Class;`

The `getClassLoader` can probably just wrap around smalivm's `SmaliClassLoader` since it knows of all input smali classes. The rest don't...
Right now the process isn't documented and is done by calling different classes in the project. Make a gradle task and document it a bit to make it easier for...
These are unimplemented currently because it could easily lead to loss of fidelity. For example, if an instance is modified in another thread, or is modified anywhere outside of the...
@apkunpacker has proposed adding rules for detecting anti-cheat systems and anti-frida techniques. I'm generally in favor of supporting this in apkid since it falls in line with the general purpose...
Code which generates the dex map items: https://github.com/int02h/fast-proxy/blob/master/fastproxy/src/main/java/com/dpforge/fastproxy/dex/writer/DexWriter.java#L57 An example of detecting this: https://github.com/horsicq/SpecAbstract/blob/4a0d7c9a0070b85d1ce4aa30513ef9262ade088a/specabstract.cpp#L13650
No samples, but wanted to bookmark this protector in case it shows up. More info at their site https://epona.quarkslab.com/en/
This will require a little research to see if the techniques work in Android and if they're used anywhere. First, the `vmstat` command seems to be a command on the...
Yara-python build should also accept `--with-crypto` option in addition to other yara build configuration options like `--enable-cuckoo`.
If the server goes down while a task is running and has acquired a lock, the lock is still in place when the server comes back up. It isn't released...