jAndroid is a taint analysis tool for template matching against android apps.
The current use case is to identify potential logic bug exploit chains on Android.
jAndroid requires Python 3.4 or later to run.
- Clone the repository
- Install the required python packages by running the following command:
pip install -r requirements.txt- Place any apps you want to analyze in the
appsdirectory or connect an Android device with USB debugging enabled
Please check out the Project Wiki for detailed instructions on how to use the tool.
To run the tool with neo4j and the defaut templates, you need to have neo4j installed and running on your machine.
You can install neo4j by following the instructions here.
Or using docker by running the following command:
docker run --restart always --publish=7474:7474 --publish=7687:7687 --env NEO4J_AUTH=neo4j/n3o4jn3o4j neo4j
python3 src/jandroid.py -g neo4jThe output can then be found at localhost:7474 in your browser using the default credentials neo4j/n3o4jn3o4j
To run the tool with the default templates, simply run the following command:
python3 src/jandroid.pyThe output can then be found at output/graph/jandroid.html