jadx
jadx copied to clipboard
[feature] static taint analysis
Describe your idea: It would be beneficial to have some sort of static taint analysis with a forward/backward propagation
Examples of feature impl :-
https://oversecured.com https://github.com/Ostorlab/ostorlab https://github.com/charles2gan/GDA-android-reversing-Tool
@BitTheByte agree. I definitely will implement some sort of caller/usage tree visualization. Not sure about actual taint analysis because it is harder to implement and to be really helpful need to define a lot of rules of 'input'/'use' methods/API. For now, jadx have integration with Quark Engine and it also can be useful.