Awesome

所有收集类项目

Android

Android安全资源收集，初版。600+工具，1500+文章
English Version

资源收集
- (11) Github Repo
知名分析工具
- ClassyShark -> (3)工具 (7)文章
- jeb -> (14)工具 (50)文章
- enjarify -> (2)工具 (1)文章
- androguard -> (5)工具 (14)文章
- jadx -> (3)工具 (3)文章
- jd-gui -> (2)工具 (3)文章
- dex2jar -> (5)工具 (2)文章
- apktool -> (13)工具 (40)文章
- virtualapk -> (1)工具
- baksmali -> (2)工具 (4)文章
- cSploit -> (4)工具 (4)文章
- bytecodeviewer -> (2)工具
- MobSF -> (3)工具 (6)文章
- androl4b -> (1)工具 (4)文章
- decaf -> (3)工具 (4)文章
- cuckoo-droid -> (1)工具
各类App
- ahmyth -> (1)工具 (3)文章
- (8) 工具
Topic
- 漏洞 -> (79)工具 (476)文章
- 恶意代码 -> (43)工具 (471)文章
- 取证 -> (7)工具 (37)文章
- Hook
  - XPosed -> (9)工具 (8)文章
  - Frida -> (5)工具 (9)文章
  - (25) 工具
  - (43) 文章
- 加固&&破解 ->
其他
- Dalvik -> (13)工具 (45)文章
- APK-Xxx -> (94)工具
- ADB -> (23)工具 (61)文章
- IDA Pro -> (4)工具 (7)文章
- Frida -> (24)工具 (29)文章
工具
文章

<a id="68d90d74dca98b4812bd082767343703"></a>资源收集

<a id="767078c52aca04c452c095f49ad73956"></a>Github Repo

[4411星][3m] [Shell] ashishb/android-security-awesome A collection of android security related resources
[1673星][3y] [Shell] juude/droidreverse android 逆向工程工具集
[672星][4m] doridori/android-security-reference A W.I.P Android Security Ref
[509星][2y] b-mueller/android_app_security_checklist Android App Security Checklist
[443星][1m] jnusimba/androidsecnotes some learning notes about Android Security
[135星][2m] [C++] chenenyu/androidsecurity Android安全实践
[98星][4y] [Java] zencodex/hack-android Collection tools for hack android, java
[79星][11m] wufengxue/android-reverse 安卓逆向工具汇总
[74星][3y] wtsxdev/android-security-list Collection of Android security related resources
[66星][1y] pfalcon/awesome-linux-android-hacking List of hints and Q&As to get most of your Linux/Android device
[33星][3y] nextco/android-decompiler A hight quality list of tools to reverse engineering code from android.

<a id="d3edc24d146d61221786f8e89c902397"></a>知名分析工具

<a id="c52b14cea935b701a421cb2d44c590d3"></a>ClassyShark

<a id="4a8b5558129606951cf406d3717efc25"></a>工具

[6164星][5m] [Java] google/android-classyshark 分析基于Android/Java的App或游戏
[189星][3m] borisf/classyshark-user-guide Everything you want to know how to use ClassyShark
[189星][2y] [Kotlin] borisf/classyshark-bytecode-viewer Browse your Java/Kotlin compiled code

<a id="ebb31da97d52038330587e11aa3b7663"></a>文章

2017.02 [BorisFarber] Exporting types from Android app using ClassyShark
2016.11 [BorisFarber] ClassyShark Product Docs
2016.11 [BorisFarber] Exporting data from ClassyShark
2016.11 [BorisFarber] APK Dashboard in ClassyShark
2016.01 [freebuf] ClassyShark：轻便的安卓可执行文件浏览器
2015.12 [BorisFarber] ClassyShark supports native code browsing
2015.12 [BorisFarber] Welcome ClassyShark

<a id="98e0f17cd07a3cf1e8ffc43a6237ecc6"></a>jeb

<a id="56d0739e51ee737ac2dc2000714eb920"></a>工具

[93星][2m] [Py] pnfsoftware/jeb2-samplecode Sample extensions for JEB Decompiler
[78星][4y] [Java] enovella/jebscripts A set of JEB Python/Java scripts for reverse engineering Android obfuscated code
[69星][6m] [Py] hamz-a/jeb2frida Automated Frida hook generation with JEB
[58星][1m] [Java] pnfsoftware/jeb2-androsig Android Library Code Recognition
[38星][10m] [Java] pnfsoftware/jnihelper jeb-plugin-android-jni-helper
[37星][3m] [Py] pnfsoftware/jeb-golang-analyzer JEB scripts for Golang executables analysis
[34星][9m] [Py] idhyt/jeb-keygen JEB install env
[30星][10m] [Java] pnfsoftware/jeb2-plugin-oat Android OAT Plugin for JEB
[20星][2y] [Java] pnfsoftware/pleaserop Architecture-agnostic ROP gadget finder using JEB's IR
[19星][9m] [Java] pnfsoftware/jeb-plugin-libra Libra decompiler plugin for JEB
[13星][1y] [Java] pnfsoftware/jeb2-andhook
[5星][1y] [Java] pnfsoftware/jeb-native-ir-optimizer-example1
[5星][10m] [Java] pnfsoftware/jeb2-plugin-pdf PDF Analyzer Plugin for JEB
[1星][3y] [Java] pnfsoftware/jeb2-plugin-avqu JEB Plugin Extractor for Anti-Virus Quarantine files

<a id="3205cec7f053205545589f9b332a3708"></a>文章

2020.02 [pnfsoftware] JEB Android Updates – Lambda Recovery, Unreflecting Code, Generic String Decryption, and More
2019.10 [securify] Automated Frida hook generation with JEB
2019.01 [pnfsoftware] JEB Native Analysis Pipeline – Part 2: IR Optimizers
2019.01 [pnfsoftware] JEB 3.1 and JEB Home Edition x86
2019.01 [pnfsoftware] JEB Native Analysis Pipeline – Part 1: Intermediate Representation
2018.11 [pediy] [原创] 如何优雅的延长JEB demo的有效期
2018.09 [pnfsoftware] JEB3 Auto-Signing Mode
2018.05 [pediy] [原创]JEB2反混淆神器
2018.05 [pnfsoftware] JEB 3 Alpha is available
2018.02 [pnfsoftware] DEX Version 39, Dalvik and ART Opcode Overlaps, and JEB 2.3.11
2017.11 [pediy] [原创]java应用破解之破解 jeb mips 2.3.3
2017.10 [pnfsoftware] JEB 恶意软件分享平台
2017.10 [pnfsoftware] DEX and APK Updates in JEB 2.3.5
2017.09 [flanker017] JEB2插件教程之一
2017.09 [aliyun] 编写自己的JEB2插件
2017.09 [360] 以DVRF（路由器漏洞靶机）为例解读JEB固件漏洞利用（Part 1）
2017.08 [pnfsoftware] Firmware exploitation with JEB part 3: Reversing the SmartRG’s sr505n
2017.08 [4hou] 以DVRF（路由器漏洞靶机）为例解读JEB固件漏洞利用
2017.08 [pnfsoftware] 如何利用 JEB 的 MIPS 反编译器来挖掘和利用嵌入式设备的软件漏洞
2017.08 [pnfsoftware] 如何利用 JEB 的 MIPS 反编译器来挖掘和利用嵌入式设备的软件漏洞
2017.06 [pediy] [原创] JEB2插件，导出APK资源文件
2017.05 [pnfsoftware] JEB 2.3 and MIPS Decompilation
2017.04 [pnfsoftware] Analyzing a New MIPS IoT Malware With JEB
2016.09 [pnfsoftware] Library Code Matching for Android with JEB
2016.08 [pediy] [下载]jeb2.2.5 破解版
2016.03 [pnfsoftware] An introduction to JEB Android Debuggers
2016.02 [pnfsoftware] User interface how-to in JEB
2015.12 [pnfsoftware] Changes in JEB 2.1… And a holiday season gift
2015.12 [pnfsoftware] Scanning PDF Files using JEB2
2015.11 [pnfsoftware] Writing client scripts for JEB2 using Python
2015.10 [pnfsoftware] Developing JEB2 parsers and plugins
2015.09 [pnfsoftware] Setting up JEB2 to parse optimized DEX (odex) files
2015.09 [pnfsoftware] JEB2 introduction videos
2015.08 [pnfsoftware] JEB2 available to all customers
2015.07 [pediy] [分享]JEB 1.5.201408040(full) 补充全平台keygen
2015.07 [pediy] JEB 1.5.201408040(full) + keygen
2015.07 [pnfsoftware] JEB2 plugins for document formats
2015.06 [flanker017] Advanced Android Application Analysis Series – JEB API Manual and Plugin Writing
2015.06 [pnfsoftware] What is changing with JEB2
2015.06 [pnfsoftware] Announcing JEB2
2014.08 [pnfsoftware] JEB Jar Plugins
2014.07 [pediy] 用Javassis分析jeb.jar
2014.07 [pediy] JEB(破解更新2014-07-16)
2014.03 [pnfsoftware] Developing JEB plugins in Java with Eclipse
2013.09 [pnfsoftware] Decompiled Java Code Manipulation using JEB API – Part 3: Defeating Reflection
2013.09 [pnfsoftware] Decompiled Java Code Manipulation using JEB API – Part 2: Decrypting Strings
2013.09 [pnfsoftware] Decompiled Java Code Manipulation using JEB API – Part 1: Removing Junk Code
2013.08 [pnfsoftware] JEB Plugin How-To: Jump to an Activity
2013.07 [pnfsoftware] JEB 1.3: How to Sign and Match Third-Party Library Code
2013.05 [pnfsoftware] JEB’s decompiled sources for Android/BadNews.A

<a id="190a50af2c6e312dab59310243dc9a07"></a>enjarify

<a id="1ab52c0bb8444157e2a6217c2c7a1783"></a>工具

[2467星][3y] [Py] google/enjarify 将Dalvik字节码转换为对应的Java字节码
[516星][5m] [Py] storyyeller/enjarify 将Dalvik字节码转为对应的Java字节码（google Fork版）

<a id="a2e68c9be0b242e3fb4fd42a262c471a"></a>文章

2015.10 [Roland] Google自己出品的dex转jar工具enjarify的介绍

<a id="019813c8858057c3b079ba9fbda7e61f"></a>androguard

<a id="57ab0c9888130e35c2fc37f97537fdd3"></a>工具

[2890星][3m] [Py] androguard/androguard Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)
[60星][2y] [C] koodous/androguard-yara Module to use Androguard with Yara
[57星][1y] [Py] programa-stic/marvin-static-analyzer Marvin static analyzer is an Android application vulnerability scanner. The framework uses androguard and Static Android Analysis Framework (SAAF).
[32星][2y] dweinstein/dockerfile-androguard docker file for use with androguard python android app analysis tool
[2星][2y] h4ng3r/r2dextest Dalvik tests generator for radare2 using on androguard

<a id="0d6b1003c6e834560d9860f77f10e6b1"></a>文章

2018.04 [infosecinstitute] Android Penetration Tools Walkthrough Series: Androguard
2016.09 [venus] Androguard补完计划——锁定字符串解密函数
2016.09 [venus] Androguard补完计划——提取加密字符串
2015.10 [angelalonso] Malware Analysis with Androguard: a practical case
2015.10 [spreitzenbarth] Androguard: A simple step by step guide
2014.11 [k3170makan] Automated DEX Decompilation using Androguard part II: Dex2Java
2014.11 [k3170makan] Automated DEX Decompilation using Androguard
2014.09 [pentestcorner] Androguard plugin for Sublime Text: Installation and usage
2014.09 [pediy] [原创]静态开源工具Androguard 常用API手册
2014.07 [Roland] 如何在Ubuntu 12.04上安装Androguard
2013.05 [pediy] [原创]windows下编译安装androguard
2012.12 [n0where] Android Application Analysis: Androguard
2012.05 [pediy] [原创]Androguard软件安装方法
2012.02 [toolswatch] Androguard (Android Guard) v1.0 RC 1

<a id="f136c28b41053e3d884385f33da22bb5"></a>jadx

<a id="b36c7a8866ead5febf57b179811d6b35"></a>工具

[21172星][1m] [Java] skylot/jadx dex 转 java 的反编译器
[89星][2m] [C++] romainthomas/pyjadx Jadx Python Binding
[9星][1y] [PHP] vaibhavpandeyvpz/deapk DeAPK is an open-source, online APK decompiler which lets you upload an APK and then decompile it to Smali or Java sources. It is built using Laravel, Vue.js, Bootstrap, FontAwesome, Pusher, Redis, MySQL, apktool, jadx and hosted atop DigitalOcean cloud platform.

<a id="bbf5db01b18fc4ceacd7d1bb6e456807"></a>文章

2019.10 [secplicity] Android APK Reverse Engineering: Using JADX
2015.01 [n0where] Dex to Java Decompiler: jadx
2014.03 [androidcracking] jadx - Dex to Java decompiler

<a id="51f8cd240758c6723fe59e5fb7b5a941"></a>jd-gui

<a id="732953dd03c164baa82b5189a1e883bb"></a>工具

[7968星][3m] [Java] java-decompiler/jd-gui A standalone Java Decompiler GUI
[109星][2m] [Java] java-decompiler/jd-core JD-Core is a JAVA decompiler written in JAVA.

<a id="b1b9fcec9b1935d4a5373e9907d5d1bb"></a>文章

2014.06 [willhackforsushi] Code to Create a JD-GUI Error
2014.02 [androidcracking] zerdei's luyten, a worthwhile jd-gui alternative
2013.03 [pediy] [原创]反编译工具dava的使用，个人觉得效果比jad/jd-gui效果好

<a id="d9716319ad6dac60048651a18e2b0a4b"></a>dex2jar

<a id="541b58e9a1ee2bebf1295ae116fafa4d"></a>工具

[7142星][7m] [Java] pxb1988/dex2jar Tools to work with android .dex and java .class files
[100星][7m] [Java] dexpatcher/dex2jar Unofficial dex2jar builds
[85星][1m] [Py] tp7309/ttdedroid 一键反编译工具One key for quickly decompile apk/aar/dex/jar, support by jadx/dex2jar/enjarify/cfr.
[68星][5y] [Py] ajinabraham/xenotix-apk-reverser Xenotix APK Reverser is an OpenSource Android Application Package (APK) decompiler and disassembler powered by dex2jar, baksmali and jd-core.
[60星][7y] [Java] strazzere/dehoser Unpacker for the HoseDex2Jar APK Protection which packs the original file inside the dex header

<a id="32f4773a7e0739def1ab014fadb3db88"></a>文章

2019.04 [X0x6d696368] Ghidra: Android APK (it's basically dex2jar with a .dex decompiler)
2013.01 [androidcracking] string decryption with dex2jar

<a id="6d92b271b2e90e8b03d873712722adbe"></a>apktool

<a id="2f014ba4bc98fef37272a1e4acc399f2"></a>工具

[9536星][1m] [Java] ibotpeaches/apktool A tool for reverse engineering Android apk files
[725星][2m] [Java] rover12421/shakaapktool ShakaApktool
[557星][3y] [Java] linchaolong/apktoolplus apk 逆向分析工具
[428星][2y] [Py] evilsocket/smali_emulator This software will emulate a smali source file generated by apktool.
[331星][7y] [Java] brutall/brut.apktool A tool for reverse engineering Android apk files
[100星][1y] winterssy/miui-purify 个人兴趣项目存档，使用 apktool 魔改 MIUI ROM，去除 MIUI 系统新增的广告。
[73星][6m] [Ruby] devunwired/apktools Ruby library for reading/parsing APK resource data
[26星][2m] [Visual Basic] modify24x7/ultimate-advanced-apktool v4.1
[23星][2m] lexiie/termux-apktool Decompile and Recompile android aplication use termux without openjdk installed
[11星][7m] [Dockerfile] theanam/docker-apktool Docker image for Latest Apktool
[6星][1y] [Py] h4ng3r/r2apktool radare2 based alternative to apktool
[6星][2y] [CSS] oscar0812/apktoolfx A GUI for Apktool to make reverse engineering of android apps a breeze.
[None星]iBotPeaches/apktool

<a id="8b6c1a37516d86d729d05ad769e5d681"></a>文章

2019.03 [connortumbleson] Apktool v2.4.0 Released
2018.05 [pentesttoolz] How to Reverse Engineer (Decompile/Recompile) Android Apk Files – Apktool and Kali Linux 2018.2
2018.04 [connortumbleson] Apktool v2.3.3 Released
2018.04 [infosecinstitute] Android Penetration Tools Walkthrough Series: Apktool
2018.04 [connortumbleson] Apktool v2.3.2 Released
2018.04 [pentesttoolz] Apktool – A Tool For Reverse Engineering Android APK Files
2018.01 [pentesttoolz] Apktool – Reverse Engineering Android apk Files
2018.01 [n0where] Reverse Engineering Android apk Files: Apktool
2017.12 [connortumbleson] Apktool v2.3.1 Released
2017.12 [tencent] Android开发工具Apktool漏洞利用分析
2017.12 [360] Apktool未正确解析XML导致的XXE漏洞分析
2017.09 [connortumbleson] Apktool v2.3.0 Released
2017.07 [connortumbleson] Apktool v2.2.4 Released
2017.06 [connortumbleson] Apktool v2.2.3 Released
2017.01 [connortumbleson] Apktool v2.2.2 Released
2016.10 [connortumbleson] Apktool v2.2.1 Released
2016.08 [connortumbleson] Apktool v2.2.0 Released
2016.05 [onready] Modification APK with apktool
2016.05 [connortumbleson] Apktool v2.1.1 Released
2016.03 [connortumbleson] Apktool v2.1.0 Released
2015.12 [connortumbleson] Apktool v2.0.3 Released
2015.10 [connortumbleson] Apktool v2.0.2 Released
2015.07 [connortumbleson] Apktool v2.0.1 Released
2015.04 [connortumbleson] Apktool v2.0.0 Released
2015.04 [connortumbleson] Apktool: Fixing Bug 761
2015.02 [connortumbleson] Apktool: Fixing Bug 713
2015.02 [connortumbleson] Apktool 2.0.0 RC4 Released
2014.11 [connortumbleson] Apktool 2.0.0 RC3 Released
2014.10 [connortumbleson] Apktool 2.0.0 RC2 Released
2014.05 [Roland] Android无源码调试APK（使用ApkTool和Eclipse ADT）
2014.02 [connortumbleson] Apktool 2.0.0 Beta 9 Released
2013.10 [connortumbleson] Apktool 2.0.0 Beta 7 Released
2013.08 [pediy] [原创]安卓加密壳（dexcrypt) , 防止apktool,dex2jar 等工具逆向你的apk，附上下载地址
2013.05 [lhj0711010212] apktool + smali + dex2jar + jdgui实现apk反编译
2013.05 [pediy] [原创]Apk修改利器：ApkToolkit v2.1
2013.04 [pediy] [原创]Apk修改利器：ApkToolkit v2.0
2013.02 [pediy] [原创]Apk修改利器：ApkToolkit v1.1
2012.03 [pediy] [原创]ApktoolGui v2.0 Final [3月18日添加运行环境检测功能，暂不支持Android 4.0]
2011.07 [pediy] [下载]ApkTool-GUI1.3.5内测版下载
2010.10 [androidcracking] unexplainable problems after recompilation with apktool

<a id="63bfb9519c279be953eca5c8f99757fa"></a>virtualapk

<a id="66019021f5ace5c41bf5de20be94f9e3"></a>工具

[7760星][1y] [Java] didi/virtualapk A powerful and lightweight plugin framework for Android

<a id="40180b771f8762f1470aa38b19afc1e1"></a>baksmali

<a id="c762fd140130e8f90c51d58f3e01288a"></a>工具

[4152星][1m] [Java] jesusfreke/smali smali/baksmali
[28星][1y] [Smali] strazzere/emacs-smali Smali/Baksmali mode for Emacs

<a id="f84bf9c4269ace64fe1a216046c67d62"></a>文章

2018.04 [infosecinstitute] Android Penetration Tools Walkthrough Series Dex2Jar, JD-GUI, and Baksmali
2013.05 [lhj0711010212] AXMLPrinter2 baksmali smali dex2jar 反编译文件用法
2013.05 [lhj0711010212] baksmali和smali工具的使用
2013.05 [lhj0711010212] Android 中编译，反编译，AXMLPrinter2,smali,baksmali

<a id="3e5efcb723ddb311526b0cf27a095117"></a>cSploit

<a id="61012694dfaf7dc87ef7a0738a005818"></a>工具

[2368星][1y] [Java] csploit/android cSploit - The most complete and advanced IT security professional toolkit on Android.
[60星][7m] [HTML] csploit/csploit.github.io website for cSploit organization
[34星][2y] [Go] csploit/daemon the core of the cSploit project
[24星][4y] [C] csploit/network-radar cSploit network radar

<a id="47fbd63ae0e4321d98e09951fd37f1bb"></a>文章

2020.01 [BlackHat] ACSploit: Exploit Algorithmic Complexity Vulnerabilities
2016.08 [TechnoHacker] How to use cSploit (pentesting toolkit for Android!)
2016.06 [hackingarticles] Hack your Network through Android Phone using cSploit
2016.05 [cyberarms] DNS Spoofing with Nethunter, cSploit & Kali Linux

<a id="6ad1dd69e315677a2252c1c8e8620572"></a>bytecodeviewer

<a id="26f401339eb01096e69d6c650abe51df"></a>工具

[10890星][4m] [Java] konloch/bytecode-viewer A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
[1123星][2m] [Kotlin] ingokegel/jclasslib jclasslib bytecode viewer is a tool that visualizes all aspects of compiled Java class files and the contained bytecode.

<a id="1ed0d3c6279ba30df06262de9c24cdd8"></a>MobSF

<a id="9c93b893f550d7c8cf4a19cce06e177b"></a>工具

[5441星][1m] [Py] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
[25星][6m] [Shell] soluto/mobsf-ci All that is required to run MobSF in the ci
[21星][2m] [Java] mobsf/mobsf-related-materials MobSF related Presentations, Slides and Others.

<a id="9e5612f2c728bdbbca8b2571bd94cd79"></a>文章

2018.04 [infosecinstitute] Android Penetration Tools Walkthrough Series: MobSF
2017.08 [freebuf] MobSF：一款功能强大的智能移动安全框架
2017.04 [n0where] Mobile Security Framework: MobSF
2017.01 [toolswatch] Mobile Security Framework (MobSF) v0.9.3
2016.05 [toolswatch] Mobile Security Framework (MobSF) v0.9.2
2016.03 [freebuf] 工具推荐：MobSF，一款开源移动安全测试框架

<a id="eccb49e7c71be9df25fec6d241d18f8e"></a>androl4b

<a id="800724f7b844e2293370510700c6ca73"></a>工具

[822星][6m] sh4hin/androl4b 用于评估Android应用程序，逆向工程和恶意软件分析的虚拟机

<a id="42ea2fc802be5efdd7bc656aa39446cb"></a>文章

2016.09 [n0where] Android Security Virtual Machine: Androl4b
2016.08 [freebuf] 【经验】使用Androl4b进行安卓APP安全测试（Part 1）
2016.07 [cn0xroot] 使用Androl4b进行安卓APP安全测试（Part 1）
2016.02 [freebuf] 工具推荐：Androl4b，安卓安全评估测试利器

<a id="78c2fbcadbbfda5a1448c6f150a9251d"></a>decaf

<a id="0c3c1ab3d169db8cc058a0d72cb6aa1d"></a>工具

[535星][1m] [C] decaf-project/decaf a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
[26星][3m] [Java] decaf-lang/decaf The new Decaf compiler, rewritten in "modern" Java
[22星][3m] [Rust] decaf-lang/decaf-rs The Decaf compiler, written in Rust

<a id="9843fb6cfb113c357deaf0dac05b22a8"></a>文章

2019.11 [freebuf] DECAF：一款基于QEMU的二进制代码分析平台
2015.11 [securitygossip] DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps
2015.11 [sjtu] DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps
2009.12 [sans] Anti-forensics, COFEE vs. DECAF

<a id="b32978986b1ad7ff33a1ff4ee968190c"></a>cuckoo-droid

<a id="1532c5ea999fcd785571a78ca3fed8f6"></a>工具

[465星][3y] [Py] idanr1986/cuckoo-droid Automated Android Malware Analysis with Cuckoo Sandbox.

<a id="a054356d9fb3b22c638a5c49406e230a"></a>各类App

<a id="51c70b0a90c17e4c3591c5997ffb1283"></a>ahmyth

<a id="8192031d06c545c465a838c13002ef27"></a>工具

[1815星][9m] [Smali] ahmyth/ahmyth-android-rat Android Remote Administration Tool

<a id="1d343a8e2abaf1bcdb2c7952fbab8ad1"></a>文章

2018.10 [cybrary] “I smell a rat!” – AhMyth, not a Myth
2017.08 [n0where] Android Remote Administration Tool: AhMyth
2017.07 [pentestingexperts] Hacking Android Smart Phone Using AhMyth Android RAT

<a id="1ab9ebcde9606f3e02a0dcd6c48411ad"></a>工具

[28657星][1m] [Kotlin] shadowsocks/shadowsocks-android A shadowsocks client for Android
[12463星][1m] [Java] signalapp/signal-android A private messenger for Android.
[12463星][1m] [Java] signalapp/signal-android A private messenger for Android.
[6106星][3y] shadowsocksrr/shadowsocksr-android A ShadowsocksR client for Android
[3210星][3y] shadowsocksr-backup/shadowsocksr-android A ShadowsocksR client for Android
[1007星][7m] [Kotlin] eycorsican/kitsunebi-android A fully-featured V2Ray client for Android.
[600星][4m] [Kotlin] hmbsbige/shadowsocksr-android A ShadowsocksR client for Android, written in Kotlin.
[536星][2m] [Java] dawei101/shadowsocks-android-java Shadowsocks android client, pure java version

<a id="a3f24c3d0190fbd519cce450f423b86e"></a>Topic

<a id="73b51525ab1548eba12f897ff482d785"></a>漏洞

<a id="d39d72e9362eda71cef10de260f43107"></a>工具

[2164星][12m] [Py] linkedin/qark 查找Android App的漏洞, 支持源码或APK文件
[968星][3y] [Java] androidvts/android-vts Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
[816星][2y] [C] timwr/cve-2016-5195 CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android
[737星][4y] [Py] androbugs/androbugs_framework AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows.
[607星][1y] [C] scottybauer/android_kernel_cve_pocs A list of my CVE's with POCs
[528星][3m] [C] jiayy/android_vuln_poc-exp This project contains pocs and exploits for vulneribilities I found (mostly)
[486星][2y] [Py] armissecurity/blueborne PoC scripts demonstrating the BlueBorne vulnerabilities
[413星][2y] [Py] ojasookert/cve-2017-0785 Blueborne CVE-2017-0785 Android information leak vulnerability
[408星][2y] [C] fuzion24/androidkernelexploitationplayground a hands on guide to Linux kernel exploitation with a special interest in Android
[389星][2y] [Java] davidbuchanan314/nxloader My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)
[344星][2y] [C++] ele7enxxh/poc-exp 某些 Android 漏洞的poc/exp
[333星][3y] [Java] seven456/safewebview Android Safe WebView、解决WebView的Js对象注入漏洞、支持网页将JS函数（function）传到Java层，方便回调；
[294星][11m] [C] tangsilian/android-vuln 安卓内核提权漏洞分析
[260星][1y] [C] chef-koch/android-vulnerabilities-overview An small overview of known Android vulnerabilities
[244星][1m] [C] grant-h/qu1ckr00t A PoC application demonstrating the power of an Android kernel arbitrary R/W.
[243星][3y] [C] hyln9/vikiroot CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow
[240星][1y] [Ruby] hahwul/droid-hunter (deprecated) Android application vulnerability analysis and Android pentest tool
[167星][1y] [C] jioundai/bluedroid PoCs of Vulnerabilities on Bluedroid
[167星][2y] [JS] logicalhacking/dvhma Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
[160星][4y] [Py] appknox/afe Android Framework for Exploitation, is a framework for exploiting android based devices
[142星][5m] [HTML] sundaysec/android-exploits A collection of android Exploits and Hacks
[141星][5y] [Java] retme7/cve-2014-7911_poc Local root exploit for Nexus5 Android 4.4.4(KTU84P)
[135星][3y] [C] jcadduono/android_external_dirtycow CVE-2016-5195 (dirtycow/dirtyc0w) - recowvery fork
[131星][6y] [Java] fuzion24/androidziparbitrage Exploit for Android Zip bugs: 8219321, 9695860, and 9950697
[129星][2y] [C] smeso/mtpwn PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
[127星][4y] [C] fi01/cve-2015-3636 PoC code for 32 bit Android OS
[103星][1y] [Java] duo-labs/xray X-Ray allows you to scan your Android device for security vulnerabilities that put your device at risk.
[97星][2y] [C] secwiki/android-kernel-exploits android kernel exploits漏洞集合
[95星][1y] [Py] integrity-sa/droidstatx Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via static analysis. The map itself is an Android Application Pentesting Methodology component, which assists Pentesters to cover all important areas during an assessment.
[89星][5y] [C] retme7/cve-2014-4322_poc Gain privileges:system -> root,as a part of
[84星][10m] [C] nowsecure/dirtycow radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
[81星][3y] [C] derrekr/android_security Public Android Vulnerability Information (CVE PoCs etc)
[76星][4y] [C] viralsecuritygroup/knoxout A PoC of KNOXout (CVE-2016-6584) - bypassing Samsung KNOX protections and root Samsung Galaxy S6 Android Device.
[70星][4y] [C++] laginimaineb/cve-2014-7920-7921 Exploit code for CVE-2014-7920 and CVE-2014-7921 - code-exec in mediaserver up to Android 5.1
[69星][2y] [Py] odensc/janus Python script to create an Android APK exploiting the Janus vulnerability.
[67星][6y] [C++] trevd/android_root Got Root!
[65星][2y] [Py] ojasookert/cve-2017-0781 Blueborne CVE-2017-0781 Android heap overflow vulnerability
[47星][3y] silvermoonsecurity/security-misc # Full overview of current vulnerability, exploit , fuzz, mitigation of current major Operation System(Windows, macOS, Linux, Android,iOS and so forath) and popular applicaiton
[46星][4m] [Java] flankerhqd/vendor-android-cves Collections of my POCs for android vendor CVEs
[46星][2m] [Java] flankerhqd/vendor-android-cves Collections of my POCs for android vendor CVEs
[43星][2y] [Shell] xtiankisutsa/twiga 枚举 Android 设备，获取了解其内部部件和漏洞利用的信息
[39星][3y] [Py] programa-stic/marvin-dynamic-analyzer Dynamic android vulnerability scanner using OpenNebula and Android-x86 emulators.
[39星][2y] [Py] sundaysec/andspoilt Run interactive android exploits in linux.
[38星][3m] [C] arinerron/cve-2016-5195 Automated Android root via CVE-2016-5195 (dirtycow/dirtyc0w PoC)
[37星][2y] [Java] htbridge/pivaa Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
[36星][7m] [Py] raymanfx/android-cve-checker Python tool to check your Android kernel for missing CVE patches.
[33星][6m] [Py] monolithworks/trueseeing Non-decompiling Android vulnerability scanner (DC25 demo lab, CB17)
[32星][5y] [Ruby] jduck/addjsif Metasploit Exploit Module for the Android addJavascriptInterface Issue (MITM)
[26星][4m] [Py] alfa100001/-cve-2017-0785-blueborne-poc CVE-2017-0785 BlueBorne PoC
[25星][1m] b3nac/injuredandroid A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
[24星][3y] [C] davidbuchanan314/cowroot Universal Android root tool based on CVE-2016-5195. Watch this space.
[22星][3y] [C] sagi/android_pocs Android Vulnerability Reports and POCs.
[19星][1m] [Java] ivan-markovic/android-task-injection Task Hijacking in Android (somebody call it also StrandHogg vulnerability)
[18星][3y] [C] freddierice/farm-root Farm root is a root for android devices using the dirty cow vulnerability
[18星][1y] [C++] tamirzb/cve-2018-9539 PoC code for CVE-2018-9539
[15星][7y] [C] hiikezoe/libperf_event_exploit CVE-2013-2094 exploit for android
[15星][3y] [Java] tanprathan/sievepwn An android application which exploits sieve through android components.
[13星][3y] [C] a7vinx/cve-2015-3636 Expolit for android (goldfish kernel v3.10.0+) on arm64 with PXN&SELinux Bypassed. Based on fi01's code.
[13星][5y] [Perl] irsl/lgosp-poc LG On Screen Phone authentication bypass PoC (CVE-2014-8757)
[13星][6y] [Shell] k3170makan/droidsploit A collection of scripts to find common application vulnerabilities in Android Applications
[11星][4y] [Java] geneblue/cve-2014-7911-exp exploit for cve-2014-7911; android; java deserialization ;system privilege;ace;
[11星][2m] [Java] ioactive/aosp-downloadproviderhijacker PoC Exploiting Permission Bypass in Android's Download Provider (CVE-2018-9468)
[10星][3y] [C] m-mullins/cve-2016-8655_android Android attempt at PoC CVE-2016-8655
[9星][5y] [C] ele7enxxh/fakeodex modify field(modWhen, crc) in android odex file;安卓APP“寄生兽”漏洞
[9星][4y] [Java] heeeeen/cve-2014-7911poc
[9星][2y] [Java] lanrat/tethr Android Tethering Provisioning Check Bypass (CVE-2017-0554)
[8星][3y] [C] timwr/cve-2013-6282 CVE-2013-6282 proof of concept for Android
[8星][2m] [C++] amrashraf/androshield An ASP.NET web application that responsible of detecting and reporting vulnerabilities in android applications by static and dynamic analysis methodologies.
[6星][3y] [Java] ele7enxxh/cve-2014-7911
[6星][2m] [Java] ioactive/aosp-downloadproviderdbdumper PoC Exploiting SQL Injection in Android's Download Provider (CVE-2018-9493)
[6星][2m] [Java] ioactive/aosp-downloadproviderheadersdumper PoC Exploiting Headers Disclosure in Android's Download Provider (CVE-2018-9546)
[6星][2y] [Java] michalbednarski/reparcelbug CVE-2017-0806 PoC (Android GateKeeperResponse writeToParcel/createFromParcel mismatch)
[5星][6y] [PHP] thomascannon/android-cve-2010-4804 Android Data Stealing Vulnerability
[3星][1y] [Java] alexeyzatsepin/cp-tester Android application for finding vulnerabilities in all of content providers based on SQLite databases on your device with sql-injection
[3星][7y] [C] hiikezoe/libfb_mem_exploit CVE-2013-2596 exploit for android
[3星][6y] [Py] niejuhu/pocs Android漏洞验证程序
[2星][3y] [Py] kr1shn4murt1/exploit-ms-17-010 Exploit para vulnerabilidad ms17-010 desde android
[2星][6y] yangwenbo/resetpin POC of Android Fragment Injection vulnerability, about reset PIN
[1星][3m] [Py] brant-ruan/idf4apev Integrated Detection Framework for Android's Privilege Escalation Vulnerabilites

<a id="d5f45ceee87e1d68df9fe75801285e9e"></a>文章

2020.02 [venus] Android 蓝牙子系统 "BlueFrag" 漏洞分析（CVE-2020-0022）
2020.02 [nsfocus] 【威胁通告】安卓蓝牙组件高危漏洞（CVE-2020-0022）
2020.02 [insinuator] Critical Bluetooth Vulnerability in Android (CVE-2020-0022)
2020.01 [LoiLiangYang] Hack Facebook Account on Android with Browser Exploitation Framework (Cybersecurity)
2019.12 [aliyun] Android内核漏洞学习——CVE-2014-3153分析（2）
2019.12 [4hou] 谷歌修复CVE-2019-2232安卓DoS漏洞
2019.12 [pangu] 盘古实验室报告两个Android安全漏洞获Google致谢
2019.12 [aliyun] Android内核漏洞学习——CVE-2014-3153分析（1）
2019.12 [HackersOnBoard] DEF CON 27 - Bug Finding And Exploit Techniques On File Transfer App Of All Top Android Vendors
2019.12 [4hou] StrandHogg安卓漏洞分析
2019.12 [aliyun] CVE-2019-2215—android内核binder漏洞分析(2)
2019.11 [secplicity] Android Screen Capture Vulnerabilities
2019.11 [lookout] Strandhogg vulnerability allows attackers to circumvent Android OS safeguards
2019.11 [googleprojectzero] Bad Binder: Android In-The-Wild Exploit
2019.11 [freebuf] 谷歌三星安卓摄像头应用含高危漏洞变身监控器，影响数亿设备（PoC）
2019.11 [aliyun] Android内核漏洞——初探
2019.11 [secplicity] Android Vulnerability: NFC and Android Beam
2019.11 [riusksk] Android应用逻辑漏洞半自动化挖掘思路
2019.10 [nightwatchcybersecurity] NFC Beaming Bypasses Security Controls in Android [CVE-2019-2114]
2019.10 [4hou] 利用 Android WhatsApp App GIF 库的 Double-Free 漏洞实现 RCE
2019.10 [Sophos] Android zero-day exploit - what you need know - Naked Security Live
2019.10 [4hou] Android Binder Driver UAF 漏洞实现 Root 提权分析（CVE-2019-2215）
2019.10 [Sophos] Android zero-day exploit: what you need know - Naked Security Live
2019.10 [venus] Examining and exploiting Android vendor binder services:谁偷了我的虚表？
2019.10 [trendmicro] This Week in Security News: How a GIF Can Hack Your Android and Vulnerabilities That Could Put Hospital Networks at Risk
2019.09 [LoiLiangYang] Android Mobile Device Post Exploitation (Cyber-Security)
2019.09 [PositiveTechnologies] Underestimated vulnerabilities of modern Android applications
2019.09 [t00ls] 安卓应用漏洞挖掘分享-Ayound
2019.09 [secplicity] Unpatched 0-Day Android Vulnerability
2019.09 [4hou] 6个月没有补丁的Android 0 day权限提升漏洞
2019.09 [aliyun] CVE-2017-13253 :Android Drm服务堆溢出漏洞
2019.08 [freebuf] 挖洞经验 | 发现Outlook安卓版本APP跨站漏洞CVE-2019-1105
2019.08 [aliyun] CVE-2018-9539:特权Android服务中的Use-After-Free
2019.07 [freebuf] Android出现新漏洞，可在无权限的情况下利用传感器获取语音信息
2019.07 [freebuf] 挖洞经验 | 看我如何发现微软Outlook for Android移动应用的XSS漏洞
2019.07 [lightbluetouchpaper] The lifetime of an Android API vulnerability
2019.06 [JosephDelgadillo] Learn System Hacking E20: Exploiting Android and iOS Devices with Venom
2019.06 [antid0te] ARM64 Reverse Engineering and Android/Linux Exploitation Training (October 2019)
2019.06 [knownsec404team] Linux Kernel: the ROP Exploit of Stack Overflow in Android Kernel
2019.06 [venus] Linux Kernel: the ROP Exploit of Stack Overflow in Android Kernel
2019.05 [4hou] Android和iOS设备的指纹识别技术漏洞曝光，该漏洞几乎不可控！
2019.05 [arxiv] [1905.09352] Hey Google, What Exactly Do Your Security Patches Tell Us? A Large-Scale Empirical Study on Android Patched Vulnerabilities
2019.05 [quarkslab] Android Application Diffing: CVE-2019-10875 Inspection
2019.04 [ioactive] Multiple Vulnerabilities in Android’s Download Provider (CVE-2018-9468, CVE-2018-9493, CVE-2018-9546)
2019.03 [aliyun] CVE-2019-2000—android内核binder中fdget优化产生的UAF漏洞的分析
2019.03 [int0x33] Day 82: Hunting for Vulnerabilities in Android Apps with Burp and APK Tools
2019.03 [arxiv] [1903.05170] BenchPress: Analyzing Android App Vulnerability Benchmark Suites
2019.03 [MastersInEthicalHacking] Vulnerability Scanning Using Android
2019.03 [aliyun] 简单的安卓漏洞挖掘(二)
2019.03 [] The ‘Waterdrop’ in Android: A Binder Kernel Vulnerability
2019.03 [NullByte] Scan Websites for Vulnerabilities using Kali Linux on Any Android Device [Tutorial]
2019.03 [freebuf] 如何使用未Root的Android手机扫描网站漏洞
2019.02 [googleblog] Android Security Improvement update: Helping developers harden their apps, one thwarted vulnerability at a time
2019.02 [aliyun] 简单的安卓漏洞挖掘学习（一）
2019.02 [talosintelligence] Rakuten Viber Android Secret Chats Information Disclosure Vulnerability
2019.01 [securitygossip] Dazed Droids: A Longitudinal Study of Android Inter-App Vulnerabilities
2019.01 [sjtu] Dazed Droids: A Longitudinal Study of Android Inter-App Vulnerabilities
2019.01 [vulnerability0lab] Microsoft Skype v8.34 Android Consumer Version - Authentication Bypass Vulnerability CVE-2019-0622
2018.12 [talosintelligence] Telegram Android Secret Chats Information Disclosure Vulnerability
2018.12 [pediy] [原创](Android Root)CVE-2017-7533 漏洞分析和复现
2018.12 [talosintelligence] Signal Messenger Android self deleting messages Information Disclosure Vulnerability
2018.11 [4hou] Android系统中通过RSSI广播泄漏敏感数据的漏洞详情披露(CVE-2018-9581)
2018.11 [nightwatchcybersecurity] Sensitive Data Exposure via RSSI Broadcasts in Android OS [CVE-2018-9581]
2018.11 [nightwatchcybersecurity] Android系统电池信息广播可泄漏敏感数据(CVE-2018-15835)
2018.11 [4hou] 影响Android多个高权限服务的严重漏洞详情披露(CVE-2018-9411)
2018.11 [zimperium] CVE-2018-9539: Use-after-free vulnerability in privileged Android service
2018.11 [aliyun] CVE-2018-9411：多个高权限Android服务中的新关键漏洞
2018.10 [pediy] [翻译]Android 8.1 默认打印服务的中间人攻击漏洞披露
2018.10 [zimperium] CVE-2018-9411: 多个高权限的Android服务的严重漏洞
2018.09 [NorthSec] Kristina Balaam - Evading Vulnerability Exploitation Through Secure Android Development
2018.09 [4hou] 完美越狱iOS12后阿里安全潘多拉实验室再曝Linux存严重漏洞：9成安卓手机可被控制
2018.09 [4hou] Facebook安卓应用任意Javascript代码执行漏洞详情披露
2018.09 [aliyun] Android OS 中通过 WiFi 广播泄漏敏感数据（CVE-2018-9489）
2018.09 [360] Facebook安卓客户端任意Javascript代码执行漏洞分析
2018.09 [googleprojectzero] OATmeal on the Universal Cereal Bus: Exploiting Android phones over USB
2018.09 [4hou] 故意为之？安卓9.0以前的全部系统版本均受到“API-breaking”漏洞的影响
2018.08 [nightwatchcybersecurity] Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489]
2018.08 [venus] Android 蓝牙组件漏洞连连看
2018.08 [CPP] Android Operating System: One Potential Vulnerability per 4000 Lines of C++ Code
2018.08 [360] Android用户字典侧信道信息泄露漏洞（CVE-2018-9375）
2018.08 [ioactive] Discovering and Exploiting a Vulnerability in Android’s Personal Dictionary (CVE-2018-9375)
2018.07 [4hou] Quarkslab发现的三个Android蓝牙组件漏洞详情
2018.07 [arxiv] [1807.11840] Open Source Android Vulnerability Detection Tools: A Survey
2018.07 [pediy] [原创]CVE-2015-3636(pingpong root) android内核 UAF漏洞分析
2018.07 [quarkslab] A Story About Three Bluetooth Vulnerabilities in Android
2018.07 [360] RAMpage攻击：再次利用安卓RowHammer漏洞
2018.07 [hackers] Metasploit Basics, Part 13: Exploiting Android Mobile Devices
2018.07 [4hou] RAMpage攻击：再次利用安卓DRAM RowHammer漏洞
2018.07 [ms509] Bundle风水——Android序列化与反序列化不匹配漏洞详解
2018.06 [qq] 【游戏漏洞】简单破解安卓手游基础
2018.06 [zimperium] RAMpage: The Latest Rowhammer-esque Android Vulnerability
2018.06 [arxiv] [1806.09059] Are Free Android App Security Analysis Tools Effective in Detecting Known Vulnerabilities?
2018.06 [freebuf] APP漏洞赏金项目之安卓APP应用程序测试（一）
2018.06 [NetworkHeros] Hack with zANTI Vulnerability Assessment & MITM (Android Hacking) #Part-II
2018.06 [NetworkHeros] Hack with zANTI 3.18 : Vulnerability Assessment & MITM (Android Hacking) #Part-1
2018.05 [aliyun] Bundle风水——Android序列化与反序列化不匹配漏洞详解
2018.05 [nightwatchcybersecurity] Android OS Didn’t use FLAG_SECURE for Sensitive Settings [CVE-2017-13243]
2018.05 [HackerSploit] Android Hacking With zANTI - MITM & Vulnerability Assessment
2018.05 [360] DEFCON CHINA议题解读 | 通用安卓平台路径穿越漏洞的挖掘与利用
2018.05 [freebuf] 安卓、iOS双平台现重大安全漏洞，微博、网易云音乐等大型应用均受影响
2018.05 [pentestingexperts] How to Hack Android Devices Using the StageFright Vulnerability
2018.04 [360] Android内核漏洞调试：编译android4.4.4源码和内核
2018.04 [layerone] Training Spotlight: Android Reverse Engineering for Bug Bounties and Vulnerability Hunting
2018.04 [pediy] [原创]CVE-2017-13258 Android 蓝牙BNEP漏洞分析
2018.03 [pediy] [分享]CVE-2017-13253 Android Drm服务堆溢出漏洞调试分析
2018.03 [quarkslab] 2018年3月安全公告中的Android蓝牙漏洞详情
2018.03 [360] CVE-2017-13253：多个Android DRM服务中存在缓冲区溢出漏洞
2018.03 [zimperium] Android DRM服务缓冲区溢出漏洞(CVE-2017-13253)
2018.03 [NDSSSymposium] NDSS2018 - Automated Generation of Event-Oriented Exploits in Android Hybrid Apps
2018.03 [infosecinstitute] How to Hack Android Devices Using the StageFright Vulnerability
2018.03 [TechnicalMujeeb] how to find android apps vulnerabilities in Termux
2018.03 [freebuf] 安卓端渗透工具DVHMA：自带漏洞的混合模式APP
2018.03 [nightwatchcybersecurity] Content Injection in Samsung Display Solutions Application for Android [CVE-2018-6019]
2018.02 [insinuator] AndroTickler: Tickling Vulnerabilities out of Android Apps
2018.02 [HITCON] [HITCON CMT 2017] R2D104 - 温瀚翔 & 王曉東 - Challenge Impossible -- Multiple Exploit On Android
2018.01 [freebuf] CVE-2017-8890漏洞分析与利用（Root Android 7.x）
2018.01 [qq] 【游戏漏洞】安卓手游逆向必须基础
2018.01 [freebuf] 关于Android平台WebView控件存在跨域高危漏洞的安全公告
2018.01 [attify] Advanced Android and iOS Hands-on Exploitation training
2018.01 [4hou] Janus安卓应用签名绕过漏洞(CVE-2017-13156)，允许攻击者修改合法应用
2018.01 [qq] 【游戏漏洞】安卓U3D逆向从Assembly-CSharp到il2cpp
2018.01 [retme] The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel (slides)
2017.12 [360] Tethr：安卓网络共享服务开通状态检查绕过漏洞(CVE-2017-0554)
2017.12 [lanrat] Tethr: Android Tethering Provisioning Check Bypass (CVE-2017-0554)
2017.12 [ms509] Android蓝牙远程命令执行漏洞利用实践 exploit优化
2017.12 [4hou] CVE-2017-17551：Dolphin浏览器漏洞之利用安卓备份恢复特性
2017.12 [4hou] 安卓新漏洞：攻击者可任意修改App
2017.12 [360] 安卓系统Janus漏洞分析专题
2017.12 [freebuf] 独家分析：安卓“Janus”漏洞的产生原理及利用过程
2017.12 [360] 独家分析：安卓“Janus”漏洞的产生原理及利用过程
2017.12 [360] ParseDroid漏洞：针对Android开发者和安全分析人员
2017.12 [esecurityplanet] Google Patches Android for 47 Vulnerabilities in Final Update for 2017
2017.11 [hackingarticles] Android Mobile Exploitation with Evil-Droid
2017.11 [4hou] 一个漏洞泄露安卓用户的声音
2017.11 [freebuf] Android Media Projection服务漏洞深度剖析
2017.11 [aliyun] Android蓝牙远程命令执行漏洞利用实践: Exploit优化
2017.11 [4hou] Android BlueBorne (CVE-2017-0781)漏洞分析和利用
2017.11 [TechnicalMujeeb] A-RAt exploit Tool Remote Access Android using Termux App.
2017.11 [jesux] Android 6.0.1 蓝牙RCE 漏洞 BlueBorne（CVE-2017-0781）
2017.11 [ms509] Android蓝牙远程命令执行漏洞利用实践:从PoC到exploit
2017.11 [4hou] 11月安卓系统漏洞小结：31个不得不修复的漏洞
2017.11 [jesux] BlueBorne RCE en Android 6.0.1 (CVE-2017-0781)
2017.10 [venus] Android蓝牙远程命令执行漏洞利用实践:从PoC到Exploit
2017.10 [aliyun] Android蓝牙远程命令执行漏洞利用实践:从PoC到Exploit
2017.10 [freebuf] Google Play Store启动漏洞赏金计划保护Android应用
2017.10 [armis] BlueBorne on Android: Exploiting an RCE Over the Air
2017.09 [esecurityplanet] Google Android and Apple iOS Update for Critical Wi-Fi Vulnerabilities
2017.09 [360] ZNIU：首款利用Dirty COW漏洞的Android恶意软件
2017.09 [freebuf] Android Message APP 拒绝服务漏洞(CVE-2017-0780)分析与利用
2017.09 [360] CVE-2017-0780：拒绝服务漏洞可以导致Android信息应用崩溃
2017.09 [pediy] [原创] Android内核提权cve-2014-3153研究笔记
2017.09 [4hou] CVE-2017-0780：一张GIF图，让最新版Android短信应用无限崩溃
2017.09 [trendmicro] CVE-2017-0780: DoS 漏洞可导致 Android Messages App 崩溃
2017.09 [4hou] 这款开源“神器”，可以找出Android设备最底层的Bootloader漏洞
2017.08 [vulnerability0lab] Android Studio 1-4 & 2.3.3 - Manual Local Buffer Overflow Vulnerability
2017.08 [qq] 【漏洞分析】浅析android手游lua脚本的加密与解密
2017.08 [cylance] Broadpwn: The Mobile Exploit for Android and iPhones
2017.08 [360] Android内核漏洞利用技术实战：环境搭建&栈溢出实战
2017.08 [trendmicro] Android, Linux 系统F2FS 文件系统漏洞会导致内存崩溃
2017.08 [esecurityplanet] Google Patches Android for 49 Vulnerabilities in August Update
2017.08 [arxiv] [1708.02380] Ghera: A Repository of Android App Vulnerability Benchmarks
2017.08 [4hou] Broadcom Wi-Fi芯片被爆漏洞，数百万台的Android、iOS设备遭殃
2017.07 [pangu] 盘古实验室报告两个Android安全漏洞获Google致谢
2017.07 [pangu] 盘古实验室报告两个Android安全漏洞获Google致谢
2017.06 [trendmicro] June’s Android Security Bulletin Address Critical Vulnerabilities in Media Framework and Qualcomm Components
2017.06 [esecurityplanet] Google Patches Android and Chrome for Security Vulnerabilities
2017.05 [4hou] Google知道Android漏洞正在被勒索软件滥用，但它近期并不打算修复
2017.05 [freebuf] 关于Android应用程序漏洞的防护措施
2017.05 [ionize] Android Exploit Development with the Android Open Source Project Toolchain
2017.05 [esecurityplanet] Google Patches 17 Critical Vulnerabilities in Android May Security Update
2017.04 [pediy] [翻译]基于jemalloc的Android漏洞利用技巧----CENSUS
2017.04 [360] 基于jemalloc的Android漏洞利用技巧----CENSUS
2017.04 [freebuf] 一款Android漏洞测试套件 – AndroidVTS
2017.04 [trendmicro] April Android Security Bulletin Addresses Critical H.264 and H.265 Decoder Vulnerabilities
2017.04 [freebuf] Android安全开发之启动私有组件漏洞浅谈
2017.04 [arxiv] [1704.03356] An Empirical Study on Android-related Vulnerabilities
2017.04 [4hou] Android安全开发之启动私有组件漏洞浅谈
2017.04 [aliyun] Android安全开发之启动私有组件漏洞浅谈
2017.04 [freebuf] iOS 10.3.1修复的那个WiFi芯片漏洞，也影响到了数百万Android手机
2017.03 [trendmicro] Mediaserver Vulnerabilities Highlight Android’s March Security Bulletin
2017.03 [venus] Exploiting Android S-Boot: Getting Arbitrary Code Exec in the Samsung Bootloader (1/2)
2017.02 [hexdetective] Exploiting Android S-Boot: Getting Arbitrary Code Exec in the Samsung Bootloader (1/2)
2017.02 [secvul] Android漏洞checklist
2017.02 [pentestlab] Android WebView Vulnerabilities
2017.02 [freebuf] Zimperium开始悬赏Android和iPhone漏洞利用代码
2017.02 [freebuf] Android是今年的漏洞之王？CVE Details的数据根本就不靠谱！
2017.02 [nsfocus] Android Mediaserver远程代码执行漏洞(CVE-2017-0406)
2017.01 [360] 安卓漏洞：攻击Nexus6和6p自定义引导模式
2017.01 [securityintelligence] Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes
2016.12 [360] 两个CVE案例分析：如何利用Android中的可信区域
2016.12 [ms509] Android Telephony拒绝服务漏洞（CVE-2016-6763）分析
2016.12 [pediy] [原创]CVE-2015-8966/AndroidID-31435731
2016.12 [tencent] CVE-2016-6771： Android语音信箱伪造漏洞分析
2016.12 [venus] CVE-2016-6771： Android语音信箱伪造漏洞分析
2016.12 [HackingMonks] Find vulnerability of ANDROID apps like FB (easy with steps)
2016.11 [360] Fuzzing Android：挖掘Android系统组件组件中的漏洞
2016.11 [4hou] 什么样的OAuth 2.0协议漏洞能影响10亿Android APP账户？
2016.11 [retme] Rooting Every Android From Extension To Exploitation (slides)
2016.11 [arxiv] [1611.00837] Context-aware System Service Call-oriented Symbolic Execution of Android Framework with Application to Exploit Generation
2016.11 [trendmicro] Security Update Patches 13 Android Vulnerabilities Discovered by Trend Micro
2016.11 [lookout] DirtyCow and Drammer vulnerabilities let attackers root or hijack Android devices
2016.10 [freebuf] 如何利用Rowhammer漏洞Root Android手机（含演示视频+Exploit源码）
2016.10 [freebuf] 阿里聚安全Android应用漏洞扫描器解析：本地拒绝服务检测详解
2016.10 [pediy] [原创]安卓Stagefright高危漏洞分析学习总结
2016.10 [pediy] 通杀所有系统的硬件漏洞？聊一聊Drammer，Android上的RowHammer攻击
2016.10 [aliyun] 通杀所有系统的硬件漏洞？聊一聊Drammer，Android上的RowHammer攻击
2016.10 [contextis] Targeting Android for OTA Exploitation
2016.10 [konrad] Exploiting JavaScript code in Android Email Apps
2016.10 [freebuf] 每16台Android手机中，就有一台受BadKernel漏洞的影响
2016.09 [ms509] Android漏洞CVE-2015-3825分析及exploit实战：从Crash到劫持PC
2016.09 [freebuf] Android漏洞CVE-2015-3825分析及exploit实战：从Crash到劫持PC
2016.09 [trustlook] Google Offers $200,000 to Find Android Vulnerabilities
2016.09 [4hou] 换一种方式利用安卓系统漏洞
2016.09 [securitygossip] PREC: Practical Root Exploit Containment for Android Devices
2016.09 [sjtu] PREC: Practical Root Exploit Containment for Android Devices
2016.09 [googleprojectzero] Return to libstagefright: exploiting libutils on Android
2016.08 [4hou] Linux漏洞可导致约14亿安卓设备被攻击
2016.08 [freebuf] 14亿Android设备受Linux TCP漏洞的影响
2016.08 [fortinet] Deep Analysis of CVE-2016-3820 - Remote Code Execution Vulnerability in Android Mediaserver
2016.08 [welivesecurity] QuadRooter vulnerabilities leaves 900 million Android devices at risk of attack
2016.08 [freebuf] 高通曝Quadrooter高危漏洞，影响全球9亿安卓用户
2016.08 [checkpoint] QuadRooter: New Android Vulnerabilities in Over 900 Million Devices | Check Point Software Blog
2016.07 [h2hconference] Breno Silva - Defeat Android Kernel Exploitation - H2HC 2014
2016.07 [securitygossip] An Application Package Configuration Approach to Mitigation Android SSL Vulnerabilities
2016.07 [sjtu] An Application Package Configuration Approach to Mitigation Android SSL Vulnerabilities
2016.06 [duo] Thirty Percent of Android Devices Susceptible to 24 Critical Vulnerabilities
2016.06 [lookout] Android June Security Bulletin: Vulnerabilities increasing
2016.05 [pediy] [原创][首发]CVE-2015-1805 安卓手机提权ROOT漏洞分析
2016.05 [securitygossip] Analyzing Android Browser Apps for File:// Vulnerabilities
2016.05 [sjtu] Analyzing Android Browser Apps for File:// Vulnerabilities
2016.05 [duo] Sixty Percent of Enterprise Android Phones Affected by Critical QSEE Vulnerability
2016.05 [kaspersky] Android under attacks: old vulnerabilities, present threats
2016.04 [freebuf] Android Minikin 库越界写拒绝服务漏洞分析
2016.04 [fortinet] Analysis of CVE-2016-2414 - Out-of-Bound Write Denial of Service Vulnerability in Android Minikin Library
2016.04 [welivesecurity] Introducing Metaphor: Another Android Stagefright exploit
2016.04 [freebuf] Android提权漏洞CVE-2014-7920、CVE-2014-7921分析
2016.03 [blackmoreops] Android vulnerability allows attackers root access
2016.03 [trendmicro] Critical ‘CVE-2015-1805’ Vulnerability Allows Permanent Rooting of Most Android Phones
2016.03 [360] Truecaller远程代码执行漏洞影响100万安卓设备
2016.03 [] Android系统漏洞提权
2016.03 [trendmicro] Vulnerabilities on SoC-powered Android devices have implications for the IoT
2016.03 [trendmicro] Android Vulnerabilities Allow For Easy Root Access
2016.03 [freebuf] 安卓版百度浏览器远程代码执行漏洞分析
2016.02 [knownsec] 安卓微信、QQ自带浏览器 UXSS 漏洞
2016.02 [securityresear] Android Serialization Vulnerabilities Revisited (RSAC USA '16)
2016.02 [pediy] [原创][首发]cve-2015-0569 安卓手机提权ROOT漏洞分析
2016.02 [welivesecurity] Android has some critical remotely-exploitable security holes. But can you get the patch?
2016.02 [freebuf] 安卓提权漏洞分析（CVE-2014-7920、CVE-2014-7921）
2016.01 [bits] Android privilege escalation to mediaserver from zero permissions (CVE-2014-7920 + CVE-2014-7921)
2016.01 [duo] Introducing X-Ray 2.0: Vulnerability Detection for Android Devices
2016.01 [evilsocket] Autopwn Every Android < 4.2 Device on Your Network Using BetterCap and the addJavascriptInterface Vulnerability.
2016.01 [duo] Google Patches for Critical Android Vulnerabilities
2015.12 [attify] Android Application Security Vulnerability : Hacking Twitter Vine app
2015.12 [attify] Android Application Security Vulnerability : Hacking Twitter Vine app
2015.12 [flanker017] ANDROIDID-24123723 (CVE-2015-6620) POC and writeup
2015.12 [freebuf] Android WebView远程执行代码漏洞浅析
2015.12 [nsfocus] Android WebView 远程执行代码漏洞浅析
2015.12 [360] Android漏洞利用方式之NFC浅析
2015.12 [360] Android平台下二维码漏洞攻击杂谈
2015.11 [comparitech] This week in InfoSec – Chrome says goodbye to ageing operating systems, checking for Android vulnerabilities, home user tips and how to make security your next career move
2015.11 [freebuf] Hacking Team安卓浏览器攻击过程中的漏洞分析 Stage4
2015.11 [freebuf] AndroidVTS：Android手机漏洞缺陷检测App
2015.11 [angelalonso] PoC to exploit Android Wormhole Vulnerability
2015.11 [freebuf] Hacking Team安卓浏览器攻击过程中的漏洞分析 Stage3
2015.10 [freebuf] FreeBuf 追踪报道：虫洞（wormhole）漏洞来袭，多款百度热门安卓应用中枪
2015.10 [freebuf] Hacking Team安卓浏览器攻击过程中的漏洞分析 Stage 2
2015.10 [freebuf] 美运营商4G网络存在漏洞，波及所有安卓用户
2015.10 [welivesecurity] LTE vulnerabilities puts Android devices at risk of attack
2015.10 [360] Android 5.0屏幕录制漏洞（CVE-2015-3878）威胁预警
2015.10 [trendmicro] Android Security Update Includes Fix for Stagefright Vulnerabilities Discovered by Trend Micro
2015.10 [8090] iOS漏洞竟然8倍于安卓！！！
2015.10 [hackingarticles] Hack Android Phone WhatsApp and all Directories using Mercury Browser Vulnerability
2015.10 [freebuf] Hacking Team安卓浏览器攻击过程中的漏洞分析 Stage1
2015.10 [] QARK-快速的Android漏洞的审计工具
2015.10 [freebuf] Stagefright 2.0漏洞来袭影响上亿安卓用户
2015.09 [freebuf] Android漏洞检测套件
2015.09 [freebuf] Hacking Team安卓浏览器攻击过程中的漏洞分析 Stage0
2015.09 [360] Android 5.x 锁屏绕过 (CVE-2015-3860)
2015.09 [freebuf] Android 5.x漏洞：黑客可以绕过屏幕密码进入系统
2015.09 [trustlook] Android signature verification vulnerability and exploitation
2015.09 [TheHackerStuff] Android Bugs - Top 5 New Android Vulnerabilities 2017
2015.09 [freebuf] 安卓平台Mercury浏览器漏洞分析
2015.08 [] Android libcutils库中整数溢出导致的堆破坏漏洞的发现与利用
2015.08 [welivesecurity] Dolphin and Mercury Android browsers have major vulnerabilities
2015.08 [bits] Android linux kernel privilege escalation (CVE-2014-4323)
2015.08 [benthamsgaze] Experimenting with SSL Vulnerabilities in Android Apps
2015.08 [trendmicro] MediaServer Takes Another Hit with Latest Android Vulnerability
2015.08 [freebuf] 安卓预装插件“证书门”漏洞分析还原
2015.08 [bits] Android linux kernel privilege escalation vulnerability and exploit (CVE-2014-4322)
2015.08 [securityintelligence] One Class to Rule Them All: New Android Serialization Vulnerability Gives Underprivileged Apps Super Status
2015.08 [checkpoint] MEDIA ALERT: Check Point Discovers Massive Vulnerability in Android Devices
2015.08 [freebuf] 安卓曝无限重启漏洞（CVE-2015-3823），影响近90%安卓手机用户
2015.08 [freebuf] Android Broadcast组件权限绕过漏洞
2015.07 [freebuf] 安卓再曝新漏洞：可远程致使用户无法接打电话
2015.07 [acunetix] In the headlines: Android vulnerabilities, MongoDB database and more
2015.07 [freebuf] 技术分析：关于安卓libStagefright系列漏洞分析
2015.07 [arxiv] [1507.08694] Android Tapjacking Vulnerability
2015.07 [trendmicro] Trend Micro Discovers Vulnerability That Renders Android Devices Silent
2015.07 [pediy] [讨论][分享]关于最近很火的安卓stagefright漏洞
2015.07 [virusbulletin] Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution
2015.07 [trendmicro] Epic Android Vulnerability – What does it mean for you?
2015.07 [freebuf] 安卓Stagefright高危漏洞初探
2015.07 [sans] Android Stagefright multimedia viewer prone to remote exploitation
2015.07 [tencent] Hacking Team Android Browser Exploit代码分析
2015.07 [ele7enxxh] CVE-2014-7911安卓本地提权漏洞详细分析
2015.07 [ele7enxxh] 被夸大的安卓漏洞“寄生兽”
2015.07 [vxsecurity] [ VXSecurity.sg Vulnerability Research Advisory : ALZip for Android ZIP Archive Extraction Directory Traversal & Local File Inclusion Vulnerability ]
2015.06 [freebuf] Android调试器存在漏洞，可获取设备内存数据
2015.06 [trendmicro] Trend Micro Discovers Android Vulnerability that Can Lead to Exposure of Device Memory Content
2015.05 [securify] Exploiting the Xamarin.Android DLL hijack vulnerability
2015.05 [tencent] Android 9patch 图片解析堆溢出漏洞分析（CVE-2015-1532）
2015.05 [trendmicro] Trend Micro Discovers Apache Cordova Vulnerability that Allows One-Click Modification of Android Apps
2015.05 [ms509] CVE-2014-7911安卓序列化漏洞分析
2015.05 [microsoft] Mass vulnerabilities in Android applications spike industry vulnerability disclosures in 4th Quarter 2014
2015.05 [arxiv] [1505.00589] Danger is My Middle Name: Experimenting with SSL Vulnerabilities in Android Apps
2015.04 [freebuf] AwSnap：让全版本（Windows、iOS、Android）Chrome浏览器崩溃的有趣漏洞
2015.04 [skycure] Skycure Protects Against The “Android Installer Hijacking” Vulnerability
2015.03 [] 一条短信控制你的手机！ Android平台的SQL注入漏洞浅析
2015.03 [paloaltonetworks] Android Installer Hijacking Vulnerability Could Expose Android Users t
2015.03 [tencent] 一条短信控制你的手机！ Android平台的SQL注入漏洞浅析
2015.03 [freebuf] Android HTTPS中间人劫持漏洞浅析
2015.03 [] Android HTTPS中间人劫持漏洞浅析
2015.03 [securityintelligence] DroppedIn: Remotely Exploitable Vulnerability in the Dropbox SDK for Android
2015.03 [securityresear] (CVE-2014-8889) Remotely Exploitable Vulnerability in the Dropbox SDK for Android
2015.01 [] Android libcutils库中整数溢出导致的堆破坏漏洞的发现与利用
2015.01 [checkpoint] Threat Advisory - CVE-2014-7911: A New Root Exploit for Android | Check Point Software Blog
2015.01 [] An integer overflow in Android media could be exploited to get media_server permission（CVE-2015-1530）
2015.01 [] Integer overflow leading to heap corruption while unflattening GraphicBuffer In Android（CVE-2015-1474）
2015.01 [integrity] Good for Enterprise Android HTML Injection (CVE-2014-4925)
2015.01 [integrity] CVE-2014-4925 HTML injection in Good For Enterprise Android
2015.01 [hackingarticles] How to Scan Web Vulnerability using Android Phone
2015.01 [] Android APP通用型拒绝服务漏洞分析报告
2015.01 [] Android APP通用型拒绝服务漏洞分析报告
2015.01 [rapid7] 12 Days of HaXmas: A year of Metasploit Android exploits
2014.12 [freebuf] 窃取Facebook用户信息：利用Android同源策略漏洞的恶意应用被发现
2014.12 [trendmicro] Facebook Users Targeted By Android Same Origin Policy Exploit
2014.12 [pediy] [原创]Android证书验证存漏洞开发者身份信息可被篡改
2014.11 [lightless] Android Resend SMS POC CVE-2014-8610
2014.11 [attify] Box Android and iOS application Security vulnerabilities : Writeup
2014.11 [attify] Box Android and iOS application Security vulnerabilities : Writeup
2014.11 [L173864930] Android BroadcastAnyWhere(Google Bug 17356824)漏洞详细分析
2014.11 [attify] Android Security and Exploitation Training
2014.11 [attify] Android Security and Exploitation Training
2014.10 [arxiv] [1410.7745] An Application Package Configuration Approach to Mitigating Android SSL Vulnerabilities
2014.10 [vimeo] SILICA exploiting Android WebView.addJavaScriptInterface
2014.10 [checkmarx] Pakistani Ethical Hacker Reveals How He Exposed Android Vulnerabilities
2014.10 [devco] Android WebView 為你的使用者打開了漏洞之門你知道嗎？
2014.10 [pediy] [原创]Android Webview UXSS 漏洞攻防
2014.10 [tencent] Android Webview UXSS 漏洞攻防
2014.10 [riusksk] Android Webview UXSS 漏洞攻防
2014.10 [freebuf] Android（4.4版本以下）浏览器同源策略绕过漏洞
2014.10 [integrity] Outlook.com android app HTML injection vulnerability
2014.09 [checkpoint] Vulnerability Discovered Within Default Android Web Browser | Check Point Software Blog
2014.09 [trustlook] Major Android Vulnerability, 75% Android Users Are "Abandoned"
2014.09 [rapid7] Major Android Bug is a Privacy Disaster (CVE-2014-6041)
2014.09 [cmu] Finding Android SSL Vulnerabilities with CERT Tapioca
2014.09 [tencent] Android FakeID任意代码注入执行漏洞简析
2014.08 [freebuf] 趋势科技发现支付宝安卓版漏洞
2014.08 [pediy] [原创]Android LaunchAnyWhere (Google Bug 7699048)漏洞详解及防御措施
2014.08 [L173864930] Android LaunchAnyWhere (Google Bug 7699048)漏洞详解及防御措施
2014.08 [pediy] [原创]Android FakeID(Google Bug 13678484) 漏洞详解
2014.08 [trendmicro] The Dangers of the Android FakeID Vulnerability
2014.08 [L173864930] Android FakeID(Google Bug 13678484) 漏洞详解
2014.08 [securityintelligence] Apache Cordova Vulnerability Discovered: 10% of Android Banking Apps Potentially Vulnerable
2014.08 [trendmicro] Vulnerability in Spotify Android App May Lead to Phishing
2014.08 [trendmicro] Evernote Patches Vulnerability in Android App
2014.08 [] Android 4.4.2 安全USB调试绕过漏洞
2014.07 [freebuf] Android又爆重大漏洞：谁之祸根，谁该庆幸
2014.07 [trustlook] Android FakeID Vulnerability Affects 98% of Android Users
2014.07 [trendmicro] Vulnerabilities in Alipay Android App Fixed
2014.06 [securityresear] Android KeyStore Buffer Overflow (CVE-2014-3100)
2014.06 [retme] SLAB 溢出攻击 & CVE-2014-0196 exploit for Android
2014.06 [] OpenSSL六漏洞再公开，安卓客户端受影响
2014.06 [airbuscybersecurity] Local root vulnerability in Android 4.4.2
2014.05 [arxiv] [1405.6282] A Sink-driven Approach to Detecting Exposed Component Vulnerabilities in Android Apps
2014.05 [] 从android短信漏洞到手机钓鱼木马
2014.05 [trustlook] Security Vulnerability on Audible Android App
2014.04 [freebuf] 从Android短信漏洞到手机钓鱼木马
2014.04 [arxiv] [1404.4553] Analyzing Android Browser Apps for file:// Vulnerabilities
2014.04 [] HeartBleed漏洞对安卓客户端的影响
2014.04 [retme] CVE-2013-2094 exploit for Android
2014.04 [retme] Android平台上的物理内存暴露漏洞
2014.04 [freebuf] Android系统升级提权漏洞
2014.03 [retme] CVE-2012-4220 exploit for Android
2014.03 [securityresear] Firefox for Android Vulnerabilities: Overtaking Firefox Profiles
2014.03 [securityintelligence] New Vulnerabilities in Firefox for Android: Overtaking Firefox Profiles
2014.02 [cyberarms] Android Webview Exploit Tutorial (70% of Devices Vulnerable!)
2014.02 [tencent] 窃听风暴： Android平台https嗅探劫持漏洞
2014.02 [k3170makan] Path Traversal Vulnerability in OI File Manager for Android
2014.02 [freebuf] 窃听风暴：Android平台https嗅探劫持漏洞
2014.02 [freebuf] 利用旧版Android漏洞的E-Z-2-Use攻击代码已在Metasploit发布
2014.02 [k3170makan] Path Traversal Vulnerability in 'com.smartwho.SmartFileManager' 3.1.2 for Android
2014.02 [k3170makan] Critical Information Leakage Vulnerabilities in 'Next Browser' 1.16 for Android
2014.02 [k3170makan] Path Traversal Vulnerability in File Explorer (FX) for Android
2014.02 [malwarebytes] Vulnerability Discovered in Android’s VPN Connection
2014.01 [] Pileup漏洞:升级安卓系统所面临的安全风险
2014.01 [trustlook] Gilt Android App Remote Code Execution Vulnerability
2014.01 [] HeartBleed漏洞对安卓客户端的影响
2014.01 [trustlook] A billion of Android users are exposed to a high risk vulnerability
2014.01 [] OpenSSL六漏洞再公开，安卓客户端受影响
2014.01 [] 安卓平台电话拨打权限绕过漏洞(CVE-2013-6272)分析
2014.01 [pediy] [翻译]Android框架层漏洞-Fragment注入
2014.01 [] 安卓KeyStore栈溢出漏洞分析（CVE-2014-3100）
2014.01 [flanker017] [Revert from backup]对Android最新fakesms漏洞的分析
2013.12 [u011069813] A New Vulnerability in the Android Framework: Fragment Injection
2013.12 [pxb1988] Android Fragment注入漏洞
2013.12 [securityintelligence] A New Vulnerability in the Android Framework: Fragment Injection
2013.12 [checkpoint] The 2013 Android Vulnerability of the Year | Check Point Software Blog
2013.12 [L173864930] Android Superuser 提权漏洞分析
2013.12 [] 大众型的安卓客户端远程命令执行漏洞
2013.12 [pediy] [翻译]Android Master Key漏洞利用与修复
2013.12 [pediy] [翻译]Android Master Key漏洞利用与修复
2013.12 [securiteam] Access vulnerability on Android tablet
2013.11 [] Android Superuser 提权漏洞分析
2013.11 [freebuf] MST for Android – 国产WEB漏洞测试平台手机版
2013.11 [tencent] Android Superuser 提权漏洞分析
2013.11 [nsfocus] Android APK文件名长度数字签名绕过漏洞
2013.11 [tencent] 庖丁解牛--Android 第三个Master Key漏洞揭秘
2013.11 [freebuf] 黑客可远程控制你的手机 – Android 4.4惊爆漏洞（含EXP）
2013.11 [trustlook] Emergency: Android In-app Billing Verification Bypass Vulnerability
2013.10 [trustlook] eBay for Android Content Provider Information Disclosure Vulnerability
2013.09 [leehong2005] Android WebView的Js对象注入漏洞解决方案
2013.09 [freebuf] android平台漏洞攻防和代码保护的技术趋势
2013.09 [pediy] [下载]《Android平台漏洞攻防和软件保护的技术趋势》幻灯片
2013.09 [pediy] [原创]android webview 漏洞背后的节操
2013.09 [trustlook] Alert: Android WebView addJavascriptInterface Code execution Vulnerability
2013.08 [talosintelligence] Bytecode - Covering the Android Vulnerabilities Master Key and Extra Field
2013.08 [kaspersky] Master Key vulnerabilities in Android: countermeasures and attempts to exploit
2013.08 [kaspersky] Master keys: Android vulnerabilities allow applications to bypass the system check
2013.08 [su1216] android安全问题（八）伪造短信（利用原生android4.0漏洞）
2013.08 [su1216] android安全问题（八）伪造短信（利用原生android4.0漏洞）
2013.07 [talosintelligence] Android Extra Field Vulnerability Spotted in the Wild
2013.07 [u011069813] 黑客利用安卓主密钥漏洞在华传播病毒
2013.07 [malwarebytes] New App Fixes Bluebox Android Vulnerability, But Requires Root
2013.07 [lhj0711010212] android提权漏洞CVE-2010-EASY修复
2013.07 [freebuf] 中国黑客组织发现第二个Android万能密钥漏洞
2013.07 [cyberarms] Android Patch Fixes Two File Vulnerability Attacks
2013.07 [securityintelligence] Understanding the Android "master key" vulnerability
2013.07 [trendmicro] Android Vulnerability Affects 99% of Devices – Trend Micro Users Protected
2013.07 [freebuf] Android重大漏洞POC
2013.07 [pediy] ANDROID-8219321漏洞、POC及其他相关信息汇总
2013.07 [pediy] [原创]Bluebox Security提报Android 绕过应用签名认证漏洞原理
2013.07 [malwarebytes] UPDATE: New Android Vulnerability Affects 99 percent of Devices
2013.07 [u011069813] 炒的沸沸扬扬的android 大漏洞poc
2013.07 [freebuf] 安卓新漏洞将于7月末披露
2013.07 [freebuf] 安卓新漏洞，9亿安卓设备存风险
2013.07 [pediy] [原创]Bluebox Security最新提报Android漏洞的初步探讨（已确认不是同一个问题，详见正文后的补充说明）
2013.07 [malwarebytes] New Android Vulnerability Affects 99% of Devices
2013.04 [calderonpale] Taller “Búsqueda de vulnerabilidades en aplicaciones Android”
2013.04 [calderonpale] Taller "Búsqueda de vulnerabilidades en aplicaciones Android"
2013.02 [calderonpale] Taller de busqueda de vulnerabilidades en aplicaciones Android en BugCON 2013
2013.02 [calderonpale] Taller de busqueda de vulnerabilidades en aplicaciones Android en BugCON 2013
2013.01 [freebuf] Chrome for Android Download函数信息泄漏漏洞（CVE-2012-4906）
2012.12 [welivesecurity] New vulnerability on Android Samsung smartphones claimed
2012.12 [trendmicro] Exynos-Based Android Devices Suffer From Vulnerability
2012.11 [freebuf] 对Android最新fakesms漏洞的分析
2012.11 [pediy] [分享]关于近期Android系统的任意构造短信漏洞
2012.10 [privacy] Bypassing the Android Permission Model 7: Exploiting Open Interfaces to Steal Permissions
2012.10 [netspi] Android Exploitation Technical Paper Release
2012.10 [welivesecurity] Free Android USSD vulnerability protection from ESET now on Google Play
2012.09 [welivesecurity] Android's runaway success leads to fragmentation, vulnerabilities
2012.07 [securityresear] Android DNS Poisoning: Randomness gone bad (CVE-2012-2808)
2012.07 [crowdstrike] Upcoming Black Hat USA 2012: Android 4.0.1 Exploitation
2012.07 [trendmicro] Yahoo! Android App Vulnerability May Allow Spamming
2012.07 [duo] Exploit Mitigations in Android Jelly Bean 4.1
2012.05 [securityresear] Android SQLite Journal Information Disclosure (CVE-2011-3901)
2011.09 [trustwave] Google Android Focus Stealing Vulnerability Demo
2011.09 [duo] Android Vulnerabilities and SOURCE Barcelona
2011.09 [mcafee] Rooting Exploit for Android Works Silently
2011.09 [pediy] [原创]结合init源码剖析android root提权漏洞（CVE-2010-EASY）
2011.09 [pediy] [原创]Android root源代码剖析--基于CVE - 2010 - EASY
2011.08 [trustwave] TWSL2011-008: Focus Stealing Vulnerability in Android
2011.08 [securityresear] Android Browser Cross-Application Scripting (CVE-2011-2357)
2011.05 [lookout] Critical Android Vulnerability: Use Precaution on Public WiFi
2010.11 [imthezuk] Input validation issue exists in WebKit's handling of floating point data types; vulnerability in webkit (work against Android 2.0/2.1 versions)
2009.08 [c] CVE-2009-2692 and android; mitigation

<a id="1e2d63c4b03a69a79a5543b4b0f395a7"></a>恶意代码

<a id="9a60c82748643599d1c1a46dc183ab88"></a>工具

[537星][1m] [Java] trojan-gfw/igniter A trojan client for Android (UNDER CONSTRUCTION).
[454星][7m] [Shell] ashishb/android-malware Collection of android malware samples
[348星][6m] [Java] droidefense/engine Droidefense: Advance Android Malware Analysis Framework
[193星][4y] [HTML] faber03/androidmalwareevaluatingtools Evaluation tools for malware Android
[189星][3y] [Smali] sslab-gatech/avpass Tool for leaking and bypassing Android malware detection system
[138星][3y] [Java] mwsrc/betterandrorat Android Remote Access Trojan
[123星][2y] [Java] brompwnie/uitkyk Android Frida库, 用于分析App查找恶意行为
[118星][8y] [C] secmobi/amatutor Android恶意代码分析教程
[104星][4y] [Java] cvvt/apptroy An Online Analysis System for Packed Android Malware
[100星][2y] [Lua] niallmcl/deep-android-malware-detection Code for Deep Android Malware Detection paper
[87星][4y] [Py] necst/aamo Another Android Malware Obfuscator
[85星][3y] [Py] idanr1986/cuckoodroid-2.0 自动化Android 恶意软件分析
[83星][5y] [Py] maldroid/maldrolyzer Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)
[70星][1y] dkhuuthe/madlira Malware detection using learning and information retrieval for Android
[69星][1y] [Py] mwleeds/android-malware-analysis This project seeks to apply machine learning algorithms to Android malware classification.
[65星][4m] [C++] soarlab/maline Android Malware Detection Framework
[60星][2y] [Java] geeksonsecurity/android-overlay-malware-example Harmless Android malware using the overlay technique to steal user credentials.
[60星][8m] [Py] hgascon/adagio Structural Analysis and Detection of Android Malware
[54星][1m] [Py] maoqyhz/droidcc Android malware detection using deep learning, contains android malware samples, papers, tools etc.
[50星][3y] [HTML] mburakergenc/malware-detection-using-machine-learning Malware detection project on Android devices using machine learning classification algorithms.
[49星][2y] [java] toufikairane/andromalware Android Malware for educational purpose
[45星][3m] fkie-cad/destroid Fighting String Encryption in Android Malware
[42星][2m] traceflight/android-malware-datasets Popular Android malware datasets
[41星][2y] [Java] miwong/intellidroid A targeted input generator for Android that improves the effectiveness of dynamic malware analysis.
[33星][5y] [Shell] vt-magnum-research/antimalware Dynamic malware analysis for the Android platform
[30星][3m] [Java] cristianturetta/mad-spy We developed a malware for educational purposes. In particular, our goal is to provide a PoC of what is known as a Repacking attack, a known technique widely used by malware cybercrooks to trojanize android apps. The answer to solve this particular goal boils down in the simplicity of APK decompiling and smali code injection.
[27星][3y] fouroctets/android-malware-samples Android Malware Samples
[26星][1y] [Java] twilightgod/malwarebuster This is a Xposed module. It helps to prevent malwares to register service/receiver which were disabled in My Android Tools before.
[24星][3m] [Smali] aress31/sci Framework designed to automate the process of assembly code injection (trojanising) within Android applications.
[24星][3y] [Py] bunseokbot/androtools Android malware static & dynamic analysis and automated action (deprecated)
[20星][4y] [C] exploit-install/thefatrat An easy tool to generate backdoor with msfvenom (a part from metasploit framework). This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection
[19星][2y] [Py] namk12/malware-detection Deep Learning Based Android Malware Detection Framework
[18星][3m] [Java] kapilkchaurasia/behavior-based-malware-detection-system-for-android android app for malware detection
[17星][3y] bemre/bankbot-mazain 针对Android设备的开源手机银行木马BankBot / Mazain分析
[15星][3y] [Java] darrylburke/androidmalwareexample Proof of Concept example of Android Malware used for Research Purposes
[14星][9m] [HTML] fmind/euphony Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware
[13星][3m] [Py] vinayakumarr/android-malware-detection Android malware detection using static and dynamic analysis
[11星][5m] [Py] jacobsoo/amtracker Android Malware Tracker
[11星][2y] [Py] tlatkdgus1/android-malware-analysis-system Android Malware Detection based on Deep Learning
[9星][2y] [Py] mldroid/csbd The repository contains the python implementation of the Android Malware Detection paper: "Empirical assessment of machine learning-based malware detectors for Android: Measuring the Gap between In-the-Lab and In-the-Wild Validation Scenarios"
[6星][3y] [Java] ssesha/malwarescanner Android app performing hash based malware detection
[6星][2y] [Java] twitter-university/antimalware An Android Eclipse project demonstrating how to build a simple anti-malware application
[6星][1y] [Py] aliemamalinezhad/machine-learning android-malware-classification using machine learning algorithms

<a id="139ddb12762052da5ebe038c455162fa"></a>文章

2020.03 [b0n1] Android – Coronavirus – related malware tracker
2020.03 [securelist] Cookiethief: a cookie-stealing Trojan for Android
2020.03 [trendmicro] Dissecting Geost: Exposing the Anatomy of the Android Trojan Targeting Russian Banks
2020.03 [mcafee] Android/LeifAccess.A is the Silent Fake Reviewer Trojan
2020.02 [trendmicro] Malicious Optimizer and Utility Android Apps on Google Play Communicate with Trojans that Install Malware, Perform Mobile Ad Fraud
2020.01 [fortinet] Android Malware Targets Diabetic Patients
2020.01 [buguroo] Discovery of a spy Trojan that exploits the Android Binder vulnerability
2019.12 [hakin9] Quark Engine - An Obfuscation-Neglect Android Malware Scoring System
2019.12 [secjuice] Squeeze Volume 6 - Airline Cyber Attack, Hornet's Nest Malware, Twitter Android App Flaw & More
2019.12 [buguroo] Banking malware in Android continues to grow. A look at the recent Brazilian banking Trojan BasBanke/Coybot
2019.11 [virusbulletin] Paper: Dexofuzzy: Android malware similarity clustering method using opcode sequence
2019.10 [4hou] 安卓银行木马Gustuff回归，目标再度锁定澳大利亚
2019.10 [welivesecurity] Tracking down the developer of Android adware affecting millions of users | WeLiveSecurity
2019.10 [virusbulletin] VB2019 paper: Geost botnet. The story of the discovery of a new Android banking trojan from an OpSec error
2019.10 [sophos] Icon-hiding Android adware returns to the Play Market
2019.10 [freebuf] 反间谍之旅：首款安卓远控木马工具分析
2019.10 [4hou] 安卓kernel 0 day漏洞正被恶意利用请及时升级系统
2019.09 [MastersInEthicalHacking] What is Android Malware Explained [Hindi]
2019.09 [fortinet] FunkyBot: A New Android Malware Family Targeting Japan
2019.08 [deepsec] DeepSec2019 Talk: Android Malware Adventures – Analyzing Samples and Breaking into C&C – Kürşat Oğuzhan Akıncı & Mert Can Coşkuner
2019.08 [4hou] 安卓恶意软件分析: 剖析 Hydra Dropper
2019.08 [Sophos] iPhone holes and Android malware - how to stay safe
2019.08 [mcafee] MoqHao Related Android Spyware Targeting Japan and Korea Found on Google Play
2019.08 [mcafee] MoqHao Related Android Spyware Targeting Japan and Korea Found on Google Play
2019.07 [pentest] Android Malware Analysis : Dissecting Hydra Dropper
2019.07 [zimperium] Latest Android Malware is Not a Surprise; Zimperium Customers Protected
2019.07 [buguroo] Analyzing the risk of banking malware in Android vs. iOS
2019.07 [binaryedge] Guest Post: Using BinaryEdge to hunt for Panda Banker C2 servers and Android Malware
2019.07 [trendmicro] Anubis Android Malware Returns with Over 17,000 Samples
2019.06 [arxiv] [1906.09456] Andro-Simnet: Android Malware Family Classification Using Social Network Analysis
2019.05 [arxiv] [1905.09136] DaDiDroid: An Obfuscation Resilient Tool for Detecting Android Malware via Weighted Directed Call Graph Modelling
2019.04 [freebuf] 肚脑虫团伙利用新特种安卓木马StealJob的攻击分析
2019.03 [arxiv] [1903.10560] Don't Pick the Cherry: An Evaluation Methodology for Android Malware Detection Methods
2019.03 [arxiv] [1903.01618] Detecting and Classifying Android Malware using Static Analysis along with Creator Information
2019.02 [sophos] Automated Android attacks deliver “UFO” cryptominer Trojan
2019.02 [hakin9] New Android Malware Uses Motion Sensor Data to Avoid Detection by William Chalk
2019.02 [welivesecurity] Navigating the murky waters of Android banking malware
2019.02 [arxiv] [1902.04238] Adversarial Samples on Android Malware Detection Systems for IoT Systems
2019.01 [arxiv] [1904.00735] A Comparative Analysis of Android Malware
2019.01 [ly0n] Understanding sklearn DecisionTree(s) through Android malware detection
2019.01 [ly0n] Understanding sklearn DecisionTree(s) through Android malware detection
2019.01 [arxiv] [1904.00736] Using Deep Neural Network for Android Malware Detection
2019.01 [arxiv] [1901.07315] Android Malware Detection Using Autoencoder
2019.01 [lookout] Lookout researchers disable Android malware designed to evade detection
2019.01 [trendmicro] Spyware Disguises as Android Applications on Google Play
2018.12 [4hou] 多个安卓墙纸APP运行恶意广告
2018.12 [4hou] 安卓木马绕过PayPal双因子认证从用户账户窃取资金
2018.12 [gdatasoftware] Predictions 2019: "The era of simple Android malware is over"
2018.12 [webroot] Cyber News Rundown: Android Trojan Steals Credentials
2018.12 [welivesecurity] 可绕过PayPal 2FA认证的Android木马分析
2018.11 [b0n1] Video analysis of Android banking Trojan found on Google Play
2018.11 [arxiv] [1811.01027] AiDroid: When Heterogeneous Information Network Marries Deep Neural Network for Real-time Android Malware Detection
2018.10 [b0n1] Android banking malware found on Google Play with over 10,000 installs targets Brazil
2018.09 [gdatasoftware] Android Trojan reads Whatsapp-Messages
2018.09 [arxiv] [1809.09035] FeatureAnalytics: An approach to derive relevant attributes for analyzing Android Malware
2018.08 [hispasec] Triout, un nuevo Spyware para dispositivos Android
2018.08 [fortinet] Android/BondPath: a Mature Spyware
2018.08 [bitdefender] Triout – Spyware Framework for Android with Extensive Surveillance Capabilities
2018.08 [arxiv] [1808.04218] Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection
2018.08 [aliyun] 基于Telegram的安卓恶意软件HeroRAT分析
2018.08 [arxiv] [1808.01186] Stimulation and Detection of Android Repackaged Malware with Active Learning
2018.07 [gdatasoftware] Malware figures for Android rise rapidly
2018.07 [sophos] Red Alert 2.0: Android Trojan targets security-seekers
2018.07 [arxiv] [1807.08221] A Preliminary Study On the Sustainability of Android Malware Detection
2018.07 [freebuf] HeroRAT：一款全新的基于Telegram的安卓远程访问木马
2018.06 [mrg] On Android Philosophy and its Effects on Malware
2018.06 [arxiv] [1806.08893] Automatic Investigation Framework for Android Malware Cyber-Infrastructures
2018.06 [trendmicro] Android平台窃密软件FakeSpy, 针对日语和韩语用户
2018.06 [360] 新型安卓银行木马 MysteryBot 详细分析
2018.06 [trustwave] Red Alert v2.0: Misadventures in Reversing Android Bot Malware
2018.06 [360] 分析安卓恶意软件RuMMS新变种
2018.06 [arxiv] [1806.04847] Android Malware Detection using Large-scale Network Representation Learning
2018.06 [fortinet] Android Spyware Now Dropping Legit Apps?
2018.05 [hispasec] El 18% de los móviles Android con aplicaciones bancarias instaladas tienen algún tipo de malware.
2018.05 [arxiv] [1805.11843] Android Malware Detection based on Factorization Machine
2018.05 [arxiv] [1805.06620] DroidMark: A Tool for Android Malware Detection using Taint Analysis and Bayesian Network
2018.05 [4hou] Maikspy间谍软件伪装成成人游戏，攻击Windows和安卓用户
2018.05 [trendmicro] 多平台间谍软件Maikspy, 伪装成成人游戏, 进行传播
2018.04 [trendmicro] 黑客利用DNS投毒技术传播Android间谍软件XLoader
2018.04 [pentestingexperts] Pre-Installed Malware Found On 5 Million Popular Android Phones
2018.04 [talosintelligence] Android远控KevDroid的2个变种分析, 以及在此远控C&C发现的Windows远控PubNubRAT分析
2018.03 [trendmicro] Android版本的门罗币挖矿软件HiddenMiner可导致设备损毁
2018.03 [freebuf] 安卓手机遭恶意攻击，揭秘RottenSys的花式“隐匿术”
2018.03 [360] Android Malware RottenSys has infected 5 million smartphones
2018.03 [paloaltonetworks] TeleRAT: Another Android Trojan Leveraging Telegram’s Bot API to Target Iran
2018.03 [htbridge] Five Million Android Mobile Devices Pre-Installed With 'Aggressive' malware
2018.03 [htbridge] Five Million Android Mobile Devices Pre-Installed With 'Aggressive' malware
2018.03 [htbridge] Hundreds of Android Apps are Attacking Phones With Windows Malware
2018.03 [htbridge] Hundreds of Android Apps are Attacking Phones With Windows Malware
2018.03 [myonlinesecurity] Whatsapp plus spam leads to probable malware download for Android mobile phones.
2018.03 [arxiv] [1803.03448] A Family of Droids -- Android Malware Detection via Behavioral Modeling: Static vs Dynamic Analysis
2018.03 [arxiv] [1803.03544] Explaining Black-box Android Malware Detection
2018.03 [freebuf] MADLIRA：一款检测安卓端恶意软件的智能开源工具
2018.02 [lastline] Detecting the Increased Threat of Android-based Malware
2018.02 [arxiv] [1802.01185] IntelliAV: Building an Effective On-Device Android Malware Detector
2018.01 [arxiv] [1801.08115] Eight Years of Rider Measurement in the Android Malware Ecosystem: Evolution and Lessons Learned
2018.01 [360] 安卓间谍软件Skygofree：跟随HackingTeam的脚步
2018.01 [cnn] Pornographic malware found in Android apps for kids
2018.01 [4hou] 安卓恶意软件检测：系统调用日志+机器学习算法
2017.12 [4hou] 安卓恶意软件使用社会工程技术，伪装成2200家金融机构app
2017.12 [arxiv] [1712.08996] Android Malware Detection using Deep Learning on API Method Sequences
2017.12 [4hou] 一款全能的安全木马Trojan.AndroidOS.Loapi：广告、SMS、挖矿、代理、爬虫样样精通
2017.12 [360] Trojan.AndroidOS.Loapi：Android端恶意软件中的多面手
2017.12 [n0where] Advance Android Malware Analysis Framework: Droidefense
2017.12 [malwarebytes] Lo lo lo Loapi Trojan could break your Android
2017.12 [htbridge] New Android crypto mining malware can destroy devices
2017.12 [htbridge] New Android crypto mining malware can destroy devices
2017.12 [4hou] 仔细检查，也许这款安卓恶意软件就在你手机上！
2017.12 [arxiv] [1712.04402] Android Malware Characterization using Metadata and Machine Learning Techniques
2017.11 [virusbulletin] Tizi Android malware highlights the importance of security patches for high-risk users
2017.11 [googleblog] Google Play Protect 识别出监控 WhatsApp/Telegram 的间谍 App, 命名为 Tizi
2017.11 [securelist] Android commercial spyware
2017.11 [mcafee] Android Malware Appears Linked to Lazarus Cybercrime Group
2017.11 [mcafee] Android Malware Appears Linked to Lazarus Cybercrime Group
2017.11 [mcafee] 朝鲜黑客组织 Lazarus 使用Android App 攻击韩国用户
2017.11 [arxiv] [1711.07477] MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version)
2017.11 [arxiv] [1711.05731] Android Malware Detection using Markov Chain Model of Application Behaviors in Requesting System Services
2017.11 [mcafee] New Android Malware Found in 144 GooglePlay Apps
2017.11 [mcafee] New Android Malware Found in 144 GooglePlay Apps
2017.11 [malwarebytes] New Android Trojan malware discovered in Google Play
2017.11 [mcafee] New Android Malware Found in 144 GooglePlay Apps
2017.11 [trendmicro] 使用 Toast Overlay 攻击的 Android 恶意软件分析
2017.11 [htbridge] Android app siege - malware epidemic strikes
2017.11 [arxiv] [1711.02715] Contaminant Removal for Android Malware Detection Systems
2017.11 [f] 2017. The Year Android and Mac Malware Broke Big?
2017.11 [f] 2017. The Year Android and Mac Malware Broke Big?
2017.10 [rednaga] Hacking with dex-oracle for Android Malware Deobfuscation
2017.10 [nsfocus] 研究人员发现新型安卓银行木马Red Alert
2017.09 [arxiv] [1709.08805] Malware Detection Approach for Android systems Using System Call Logs
2017.09 [trendmicro] 首个利用 Dirty COW 漏洞的Android 恶意软件 ZNIU 分析
2017.09 [arxiv] [1709.04186] On labeling Android malware signatures using minhashing and further classification with Structural Equation Models
2017.09 [arxiv] [1709.00875] Android Malware Family Classification Based on Resource Consumption over Time
2017.09 [f5] WireX Android DDoS Malware Adds UDP Flood
2017.08 [mcafee] Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea
2017.08 [mcafee] Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea
2017.08 [mrg] A Note on the War of Android AVs and Advanced Malware
2017.08 [mcafee] Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea
2017.08 [malwarebytes] Solution Corner: Malwarebytes for Android
2017.08 [calebfenton] 使用马可夫链（Markov Chains）检测 Android 恶意代码
2017.08 [fortinet] Analyzing Android malware using a FortiSandbox
2017.08 [trendmicro] GhostClicker Adware is a Phantomlike Android Click Fraud
2017.08 [n0where] Automated Android Malware Analysis: CuckooDroid
2017.08 [cylance] Summer 2017's Most Common Android Malware
2017.08 [trendmicro] The Persistent Threat of Android Malware
2017.08 [b0n1] Android Banking Trojan misuses accessibility services
2017.08 [kudelskisecurity] Checking your Android device for known malware
2017.08 [b0n1] Android Banking Trojan misuses accessibility services
2017.08 [4hou] 安卓银行木马新增“keylogger”功能，攻击能力倍增
2017.07 [welivesecurity] Malware found lurking behind every app of alternative Android store
2017.07 [itgovernance] CopyCat malware infects 14 million Android devices
2017.07 [arxiv] [1707.04795] Android Malware Clustering through Malicious Payload Mining
2017.07 [4hou] LeakerLocker—窃取个人私密信息进行勒索的安卓恶意软件
2017.07 [4hou] 超级间谍软件SpyDealer：可同时监视40余款安卓应用，包括微信、淘宝、百度网盘等
2017.07 [fortinet] Unmasking Android Malware: A Deep Dive into a New Rootnik Variant, Part III
2017.07 [fortinet] Unmasking Android Malware: A Deep Dive into a New Rootnik Variant, Part II
2017.07 [fortinet] Unmasking Android Malware: A Deep Dive into a New Rootnik Variant, Part I
2017.07 [fortinet] 新型 Rootnik 变种深入分析（Android） Part 2
2017.07 [fortinet] 新型 Rootnik 变种深入分析（Android） Part 3
2017.07 [fortinet] 新型 Rootnik 变种深入分析（Android） Part 1
2017.07 [checkpoint] How the CopyCat malware infected Android devices around the world | Check Point Software Blog
2017.07 [paloaltonetworks] SpyDealer: Android Trojan Spying on More Tha
2017.06 [360] 安卓新型恶意木马Xavier的发展过程和技术分析
2017.06 [freebuf] 安卓新型恶意木马Xavier的发展过程和技术分析
2017.06 [virqdroid] More on Android Trojan spying on Iranian users controlled via Telegram
2017.06 [freebuf] 安天移动安全关于“Dvmap”安卓恶意软件分析报告
2017.06 [avlsec] 安天移动安全关于“Dvmap”安卓恶意软件分析报告
2017.06 [securelist] 卡巴斯基首次发现代码注入的 Android 恶意 App：运行时将恶意代码注入系统库 libdmv.so 或者 libandroid_runtime.so。此恶意 App 甚至支持64位 Android 系统
2017.06 [arxiv] [1706.00947] Context-aware, Adaptive and Scalable Android Malware Detection through Online Learning (extended version)
2017.05 [qq] 腾讯反诈骗实验室: 2017年Q1安卓ROOT类恶意病毒发展趋势研究报告
2017.05 [freebuf] 2017年Q1安卓ROOT类恶意病毒发展趋势研究报告
2017.05 [arxiv] [1705.04448] R2-D2: ColoR-inspired Convolutional NeuRal Network (CNN)-based AndroiD Malware Detections
2017.04 [freebuf] 2017第一季度安卓短信扣费木马研究：七成扣费木马擅长以”用户的名义”骗取话费
2017.04 [arxiv] [1704.08996] Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection
2017.04 [NDSSSymposium] NDSS 2017: MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models
2017.04 [trendmicro] （Android）DressCode 的后继者：MilkyDoor 分析
2017.04 [arxiv] [1704.05948] Semi-supervised classification for dynamic Android malware detection
2017.04 [arxiv] [1704.01759] A Multi-view Context-aware Approach to Android Malware Detection and Malicious Code Localization
2017.03 [arxiv] [1703.10926] EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning
2017.03 [paloaltonetworks] A New Trend in Android Adware: Abusing Android Plugin F
2017.03 [4hou] 多款安卓智能手机被预安装恶意软件，包括三星、小米、联想
2017.03 [crysys] Update on the Fancy Bear Android malware (poprd30.apk)
2017.03 [4hou] 360发布《2016年安卓恶意软件专题报告》钓鱼、勒索和色情最猖獗每天70万人次感染
2017.02 [freebuf] 安卓现新的木马病毒，可模仿用户点击下载危险的恶意软件
2017.02 [bartblaze] Android malware on the rise
2017.02 [welivesecurity] Released Android malware source code used to run a banking botnet
2017.02 [4hou] “木马下载器”伪装成Adobe Flash Player升级程序，攻击安卓用户
2017.02 [welivesecurity] Android malware: It doesn't hurt to know about this
2017.02 [arxiv] [1702.05699] DySign: Dynamic Fingerprinting for the Automatic Detection of Android Malware
2017.02 [f] Another Reason 99% of Mobile Malware Targets Androids
2017.02 [f] Another Reason 99% of Mobile Malware Targets Androids
2017.02 [welivesecurity] New Android trojan mimics user clicks to download dangerous malware
2017.01 [blackmoreops] Android Banking Trojan Virus code leaks and sparks copycats immediately
2017.01 [fortinet] Android Locker Malware uses Google Cloud Messaging Service
2017.01 [4hou] 《超级马里奥酷跑》被发现是一个安卓银行木马？
2017.01 [crysys] Technical details on the Fancy Bear Android malware (poprd30.apk)
2016.12 [4hou] 便宜的安卓手机简直了，全部预装木马后门
2016.12 [arxiv] [1612.04433] MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models
2016.12 [arxiv] [1612.03312] Monet: A User-oriented Behavior-based Malware Variants Detection System for Android
2016.12 [trustedsec] Episode 2.3 – Flash Exploits, PowerShell Hacking, Investigating the Elections, Expedia Hacker, Android Malware, and Shutting down the Note 7. TT: Ruler, MailSniper
2016.12 [arxiv] [1612.01445] N-gram Opcode Analysis for Android Malware Detection
2016.12 [malwarebytes] Malware taking advantage of Android OS exploits, again: Gooligan
2016.11 [paloaltonetworks] PluginPhantom: New Android Trojan Abuses “DroidPlugin”
2016.11 [checkpoint] More Than 1 Million Google Accounts Breached by Gooligan, New Android Malware Variant
2016.11 [freebuf] 爆料：安卓“间谍门”事件愈演愈烈，又一家中国公司被曝在300万台安卓设备中植入rootkit
2016.11 [fortinet] Android Malware Masquerades as Banking App, Part II
2016.11 [fortinet] Android Banking Malware Masquerading as Email App Targets German Banks
2016.11 [4hou] 大材小用？Chrome 0day漏洞被用于传播安卓木马
2016.11 [deepsec] DeepSec 2016 Talk: Obfuscated Financial Fraud Android Malware: Detection And Behavior Tracking – Inseung Yang
2016.11 [freebuf] 专攻企业高管的安卓商业间谍软件Exaspy被揭露
2016.11 [skycure] Exaspy: The Newest Android Spyware Targeting Executives
2016.11 [fortinet] Android banking malware masquerades as Flash Player, targeting large banks and popular social media apps
2016.10 [mcafee] Android Banking Trojan Asks for Selfie With Your ID
2016.10 [mcafee] Android Banking Trojan Asks for Selfie With Your ID
2016.09 [4hou] 新型安卓木马Tordow已大开杀戮
2016.09 [freebuf] 都是权限惹的祸：安卓恶意APP如何将其他APP中的私有数据搞到手
2016.09 [freebuf] 安卓ELF恶意软件深度分析
2016.09 [arxiv] [1609.04718] Glassbox: Dynamic Analysis Platform for Malware Android Applications on Real Devices
2016.09 [paloaltonetworks] DualToy: New Windows Trojan Sideloads Risky Apps to Android and iO
2016.09 [checkpoint] CallJam Android Malware Found on Google Play | Check Point Software Blog
2016.09 [securelist] Banking Trojan, Gugi, evolves to bypass Android 6 protection
2016.09 [n0where] Advance Android Malware Analysis Tool: apkr
2016.08 [checkpoint] DressCode Android Malware Discovered on Google Play | Check Point Software Blog
2016.08 [trendmicro] These ads are more than annoying: Android banking malware to watch out for
2016.08 [trustlook] Trustlook Discovers a Remote Administration Tool (RAT) Android Malware
2016.08 [arxiv] [1608.05812] Analysis of Bayesian Classification based Approaches for Android Malware Detection
2016.08 [dynamoo] Malware spam: "New Doc" / "Scanned by CamScanner" / "Sent from Yahoo Mail on Android"
2016.08 [arxiv] [1608.00848] A New Android Malware Detection Approach Using Bayesian Classification
2016.08 [arxiv] [1608.00835] High Accuracy Android Malware Detection Using Ensemble Learning
2016.07 [0x00sec] Android Malware: A Tumor called Marla 0x02 [C#]
2016.07 [paloaltonetworks] SpyNote Android Trojan Build
2016.07 [arxiv] [1607.08186] Android Malware Detection Using Parallel Machine Learning Classifiers
2016.07 [arxiv] [1607.08149] N-opcode Analysis for Android Malware Classification and Categorization
2016.07 [arxiv] [1607.08087] Android Malware Detection: an Eigenspace Analysis Approach
2016.07 [cerbero] Extracting C&C from Android Malware
2016.07 [0x00sec] Android Malware - Start the App at Boot and get Kernel Version 0x01 [C#]
2016.07 [0x00sec] Introduction to the Android Malware Series - 0x00
2016.07 [freebuf] 安卓破解版Pokémon Go？DroidJack木马开始蔓延
2016.07 [mcafee] Trojanized Pokémon GO Android App Found in the Wild
2016.07 [mcafee] Trojanized Pokémon GO Android App Found in the Wild
2016.07 [checkpoint] From HummingBad to Worse: New In-Depth Details and Analysis of the HummingBad Android Malware Campaign | Check Point Software Blog
2016.07 [securitygossip] Apposcopy: Semantics-Based Detection of Android Malware Through Static Analysis
2016.07 [sjtu] Apposcopy: Semantics-Based Detection of Android Malware Through Static Analysis
2016.06 [fireeye] The Latest Android Overlay Malware Spreading via SMS Phishing in Europe
2016.06 [freebuf] Godless类恶意APP可Root 90%安卓设备
2016.06 [publicintelligence] FBI Cyber Bulletin: Android Malware Phishing for Financial Institution Customer Credentials
2016.06 [arxiv] [1606.07150] Adaptive and Scalable Android Malware Detection through Online Learning
2016.06 [malwarebytes] Android Trojan FakeApp masquerading as legitimate
2016.06 [arxiv] [1606.01403] Andro-profiler: Detecting and Classifying Android Malware based on Behavioral Profiles
2016.05 [mcafee] Android Spyware Targets Security Job Seekers in Saudi Arabia
2016.05 [mcafee] Android Spyware Targets Security Job Seekers in Saudi Arabia
2016.05 [mcafee] Android Banking Trojan 'SpyLocker' Targets More Banks in Europe
2016.05 [mcafee] Android Banking Trojan ‘SpyLocker’ Targets More Banks in Europe
2016.05 [fortinet] Android AdWare Trying to Deceive the Analyst
2016.05 [mcafee] Sex Sells: Looking at Android Adult Adware Apps
2016.05 [mcafee] Sex Sells: Looking at Android Adult Adware Apps
2016.05 [360] Viking Horde恶意软件攻击安卓设备
2016.05 [checkpoint] Viking Horde: A New Type of Android Malware on Google Play | Check Point Software Blog
2016.05 [mcafee] Phishing Goes Mobile: New Android Malware Hits Google Play
2016.05 [sec] 一个异常体积的安卓恶意代码样本分析
2016.05 [mcafee] Android Malware Clicker.G!Gen Found on Google Play
2016.05 [mcafee] Android Malware Clicker.G!Gen Found on Google Play
2016.04 [checkpoint] In The Wild: Google Can’t Close the Door on Android Malware | Check Point Software Blog
2016.04 [trendmicro] “Operation C-Major” Actors Also Used Android, BlackBerry Mobile Spyware Against Targets
2016.03 [angelalonso] Triada malware: hitting the android core system (part II)
2016.03 [pnfsoftware] Deobfuscating Android Triada malware
2016.03 [freebuf] 安卓恶意软件GMBot 2.0版本出现：售价比原版本贵三倍
2016.03 [angelalonso] Triada malware: hitting the android core system (part I)
2016.03 [welivesecurity] The security review: Android banking trojan poses as Flash Player
2016.03 [welivesecurity] Android banking trojan masquerades as Flash Player and bypasses 2FA
2016.03 [fortinet] BdMir: New Android Malware Family Spotted by SherlockDroid
2016.02 [freebuf] 被开启的潘多拉：安卓恶意软件GM Bot源代码被公开
2016.02 [securityintelligence] Android Malware About to Get Worse: GM Bot Source Code Leaked
2016.02 [virusbulletin] VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?
2016.02 [paloaltonetworks] New Android Trojan “Xbot” Phishes Credit Cards and Bank Accounts, Encrypts Devices f
2016.02 [duo] Android Device Malware Spotted in Active Attacks
2016.02 [arxiv] [1602.04693] DroidNative: Semantic-Based Detection of Android Native Code Malware
2016.02 [heimdalsecurity] Security Alert: Mazar BOT – the Android Malware That Can Erase Your Phone
2016.02 [myonlinesecurity] New Doc 115 Sent from Yahoo Mail on Android – word doc malware
2016.01 [freebuf] 安卓智能电视：恶意应用的新战场
2016.01 [360] 通过恶意App感染安卓智能电视
2016.01 [securitygossip] IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware
2016.01 [sjtu] IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware
2015.12 [freebuf] 揭秘：安卓木马是如何盗取用户手机银行的
2015.12 [paloaltonetworks] Rootnik Android Trojan Abuses Commercial Rooting Tool and Steals Private In
2015.11 [b0n1] Android malware drops Banker from PNG file
2015.11 [b0n1] Android malware drops Banker from PNG file
2015.11 [freebuf] 自我复制、跨平台型安卓恶意软件出现（附源码）
2015.11 [freebuf] 来自中国的秘密：预装木马的安卓平板正在销往全世界
2015.11 [freebuf] 伪装成word的安卓恶意软件
2015.11 [angelalonso] Detecting bank trojans which steal 2FA token through the code (Android)
2015.10 [freebuf] 恶意色情软件攻击中国大陆、台湾、日本安卓用户
2015.10 [trendmicro] Pornographic-themed Malware Hits Android Users in China, Taiwan, Japan
2015.10 [securitygossip] Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware
2015.10 [sjtu] Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware
2015.10 [freebuf] Kemoge：一款影响超过20国的安卓恶意程序
2015.10 [freebuf] 伪装成PayPal的网银木马瞄准安卓用户
2015.09 [trendmicro] New “Ghost Push” Variants Sport Guard Code; Malware Creator Published Over 600 Bad Android Apps
2015.09 [welivesecurity] Android trojan drops in, despite Google’s Bouncer
2015.08 [freebuf] 一个针对中国用户的安卓木马
2015.07 [trendmicro] The Android Malware Problem
2015.07 [checkpoint] Adware or APT – SnapPea Downloader - An Android Malware that implements 12 different exploits | Check Point Software Blog
2015.07 [paloaltonetworks] New Android Malware Family Evades Antivirus Detection by Using Popular Ad
2015.06 [tan6600] 安卓恶意代码分析
2015.05 [cert] Malware attack on both Windows and Android
2015.04 [nsfocus] 剖析安卓木马Androrat（一）
2015.04 [b0n1] Android Trojan Spy goes 2 years undetected
2015.04 [b0n1] Android Trojan Spy goes 2 years undetected
2015.04 [arxiv] [1504.01693] Security Toolbox for Detecting Novel and Sophisticated Android Malware
2015.04 [trendmicro] Android Installer Hijacking Bug Used as Lure for Malware
2015.03 [checkpoint] CuckooDroid – Fighting the Tide of Android Malware | Check Point Software Blog
2015.03 [securityintelligence] MazelTov! More Android Malware Coming to a Mobile Device Near You
2015.03 [welivesecurity] Fake Amazon gift cards offer only malware to Android devices
2015.03 [sensecy] Australian Banks Targeted by Russian Malware for Android Devices
2015.02 [freebuf] Google Play商店漏洞：黑客可远程在你的安卓手机上安装恶意APP
2015.02 [checkpoint] New Android Trojans, Gremlins Inside Play, iPhone’s Safe and Sound - Mobile Security Weekly | Check Point Software Blog
2015.02 [checkpoint] Clever and Persistent Android Banking Trojan Discovered | Check Point Software Blog
2015.01 [freebuf] 看我七十二变：HTML5游戏重打包变身安卓恶意软件
2014.12 [trendmicro] Repackaging HTML5 Apps into Android Malware
2014.12 [pnfsoftware] Red October Malware for Android
2014.12 [qq] 藏在海贼王小游戏背后的安卓木马
2014.11 [securelist] Brazilian Trojan Bankers – now on your Android Play Store!
2014.10 [virusbulletin] The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned
2014.09 [checkpoint] Chinese Android mRAT Spyware Targets Hong Kong Protest
2014.09 [malwarebytes] Spyware installed on Android devices to stalk domestic abuse victims
2014.09 [trendmicro] Android Malware Use SSL for Evasion
2014.08 [welivesecurity] Krysanec trojan: Android backdoor lurking inside legitimate apps
2014.08 [cert] Android RAT malware spreading via torrents
2014.08 [vxsecurity] [ Technical Tear Down: UUPlay, ANDROID Malware ]
2014.08 [mcafee] 'DHL' SMS Spam Distributes Android Malware in Germany
2014.07 [mcafee] ‘DHL’ SMS Spam Distributes Android Malware in Germany
2014.07 [virusbulletin] Paper: Obfuscation in Android malware, and how to fight back
2014.07 [zairon] Android Koler trojan: C&C part
2014.06 [zairon] Android Koler trojan: analysis driven by application components
2014.06 [virusbulletin] Cheap Android phone comes shipped with spyware
2014.06 [trendmicro] Taiwan Hit With Micropayment Fraud via Android Malware
2014.06 [welivesecurity] Android malware: how to keep your device safe from filecoders (and everything else)
2014.06 [welivesecurity] ESET analyzes Simplocker Android malware
2014.05 [welivesecurity] Android spyware takes photos without users knowing
2014.05 [checkpoint] Security Alert: New Android Malware Spreading Aggressively - Read this FAQ. (Updated) | Check Point Software Blog
2014.05 [paloaltonetworks] Funtasy Trojan Targets Spanish Android Users with Sneaky SM
2014.05 [endgame] Android Is Still the King of Mobile Malware
2014.04 [welivesecurity] Android malware worm catches unwary users
2014.04 [sans] Android Users - Beware of Bitcoin Mining Malware
2014.04 [paloaltonetworks] Cardbuyer: New Smart Android Trojan Defeats Multi-factor Verification and Steals Prepaid G
2014.04 [virusbulletin] AOL spam spreads 'NotCompatible' Android trojan
2014.04 [sophos] Sophos at Infosecurity Europe 2014: Credit card crime, Android malware, and a look inside SophosLabs
2014.04 [securelist] New threat: Trojan-SMS.AndroidOS.Stealer.a
2014.04 [welivesecurity] Android malware? Google will be watching your every move
2014.04 [sophos] New research on Android, rootkits, and malware: SophosLabs papers accepted for Virus Bulletin 2014
2014.04 [vxsecurity] [ Technical Tear Down : First Android Tor Trojan ]
2014.04 [sans] Those strange e-mails with URLs in them can lead to Android malware
2014.04 [mcafee] Trojan Hides in ROM of Chinese Android Devices
2014.04 [mcafee] Trojan Hides in ROM of Chinese Android Devices
2014.04 [sans] Upgrading Your Android, Elevating My Malware
2014.03 [welivesecurity] Stealth malware sneaks onto Android phones, then "turns evil" when OS upgrades
2014.03 [malwarebytes] Research Paper Shows Upgrading Android Could Upgrade Malware
2014.03 [trustlook] Dendroid: Android Trojan Being Commercialized
2014.03 [securityintelligence] DIY: Android Malware Analysis – Taking Apart OBAD (Part 2)
2014.03 [welivesecurity] Android phones and tablets ship “pre-infected” with malware
2014.02 [securelist] The first Tor Trojan for Android
2014.02 [techhelplist] Some random Android malware that just showed up one day
2014.02 [welivesecurity] Android under assault as spyware and Trojans 'grow by 400%', company claims
2014.01 [] 安卓远控木马黑色产业链渐成气候，谨防手机变“肉鸡”
2013.12 [welivesecurity] ESET’s Threat Trends Predictions 2014: The next battle for internet privacy, a new assault on Androids, and a new wave of hi-tech malware
2013.12 [sophos] Explaining botnets, exploit kits, Linux and Android malware (Podcast)
2013.12 [welivesecurity] Has-bean? Old Androids still on Jelly Bean can be "lock-picked" by malware
2013.11 [christian] TraceDroid: Dynamic Malware Analysis for Android
2013.11 [arxiv] [1311.4201] Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation
2013.11 [malwarebytes] Android Trojan gets an update
2013.11 [securelist] The Android Trojan Svpeng Now Capable of Mobile Phishing
2013.10 [malwarebytes] Trojan looks to “Wrob” Android users
2013.10 [pediy] Android.Trojan.Midown 的分析
2013.10 [pediy] Android-Trojan/Skullkey 分析
2013.10 [securityintelligence] DIY: Android Malware Analysis – Taking Apart OBAD (Part 1)
2013.10 [pediy] [翻译]Android Malware (SpringerBriefs in Computer Science) 第二章节
2013.09 [malwarebytes] Obad Trojan found in fake Android Google Play Store
2013.09 [quequero] AndroidOS.Opfake.a malware analysis
2013.09 [malwarebytes] 79 percent of mobile malware is directed at Android
2013.08 [trustlook] New Malware Alert: Parasites Android Malware
2013.08 [krebsonsecurity] Who Wrote the Pincer Android Trojan?
2013.08 [krebsonsecurity] A Closer Look: Perkele Android Malware Kit
2013.08 [trendmicro] Russian cybercriminals turn Android malware into an industry
2013.08 [trendmicro] Master Key Android Vulnerability Used to Trojanize Banking App
2013.07 [mcafee] Android Master-Key Malware Already Blocked by McAfee Mobile Security
2013.07 [welivesecurity] Android spyware “on rise” as snooper apps multiply
2013.07 [welivesecurity] Android malware attacks skyrocket in China
2013.06 [virusbulletin] Compromised Yahoo! accounts continue to spread Android malware
2013.06 [nviso] Step by step analysis of an Android malware sample
2013.06 [trendmicro] Cybercriminals Improve Android Malware Stealth Routines with OBAD
2013.06 [cert] Evolution of an Android malware: the story of a friend of ZitMo
2013.06 [cyberarms] Obad is the Baddest Android Trojan on the Block
2013.06 [securelist] The most sophisticated Android Trojan
2013.06 [mcafee] Phishing Attack Replaces Android Banking Apps With Malware
2013.04 [citizenlab] An Analysis of Android Malware Targeting Tibetans
2013.03 [securelist] Android Trojan Found in Targeted Attack
2013.03 [virusbulletin] Spam link sends Android users to trojan proxy
2013.03 [welivesecurity] Blogger: rogue developers hiding Android malware in apps on Google Play - We Live Security
2013.03 [sans] Digital Forensics Case Leads: Email Scammers, Android Malware, DoS Against Banks, Tool Updates And A Few Good Reads.
2013.03 [mcafee] Android Malware Goes Bollywood
2013.02 [arxiv] [1302.7212] DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware
2013.01 [cyberarms] 620,000 Android Phones in China hit by Most Costly Malware in History
2013.01 [trendmicro] Android Malware Found to Send Remote Commands
2013.01 [webroot] Android malware spreads through compromised legitimate Web sites
2012.09 [sans] Digital Forensics Case Leads: Giants are the biggest buyers, Freezing the cold-boot attack on disk encryption, dropping malware using the famous WhatsApp, Hacker get caught while chatting!!! IPOD, Android and SSDs, this week on Case Leadsâ¦
2012.08 [trendmicro] 164 Unique Android Adware Still Online
2012.08 [trendmicro] Android Malware Exploits China Mobile SMS Payments
2012.07 [trendmicro] DEFCON 2012: Android Malware in Luckycat Servers
2012.07 [trendmicro] Android Malware Family Downloads Paid Media and Apps
2012.07 [trendmicro] Android Malware: How Worried Should You Be?
2012.07 [pediy] [原创]Trojan-Spy.AndroidOS.Zitmo.a病毒分析
2012.06 [cert] Android malware sending Premium SMS targeting Polish users
2012.05 [trendmicro] Malware Masquerades as Flash Player for Android
2012.05 [mcafee] Evolution of Android Malware: IRCBot Joins the Party
2012.05 [virusbulletin] Android malware served via compromised websites
2012.04 [mcafee] Android Malware Promises Video While Stealing Contacts
2012.04 [forcepoint] The Android "GoldDream" Malware Server is Still Alive
2012.04 [virusbulletin] Android malware hides inside JPG image
2012.03 [mcafee] Android Malware Pairs Man-in-the-Middle With Remote-Controlled Banking Trojan
2012.03 [sans] New automated sandbox for Android malware
2012.03 [mcafee] Google Code Projects Host Android Malware
2012.02 [sans] Digital Forensics Case Leads: Android Malware,Chrome Browser Bugs and IT guy shoots Daughters Laptop.
2012.02 [quequero] RootSmart Android Malware Analysis
2012.02 [securelist] Will Google Bouncer definitely remove all malware from the Android Market?
2012.01 [talosintelligence] Android.Counterclank: Malware or Adware?
2012.01 [trustwave] Android IRC Bot - This Ain't Your Granny's Android Malware (Or Maybe It Is)
2012.01 [trendmicro] How Big will the Android Malware Threat Be in 2012?
2011.12 [securelist] Android malware: new traps for users
2011.11 [lookout] Android Trojan Aims to Make Money Through Premium Rate Text Message Charges
2011.11 [securelist] Does Android Malware Exist?
2011.11 [virusbulletin] SMS trojan targets Android users in eight western countries
2011.11 [talosintelligence] Android Malware Analysis: A How-To
2011.10 [aassfxxx] Reverse de malware Android
2011.10 [trustwave] NickiSpy.C - Android Malware Analysis & Demo
2011.10 [mcafee] Android Malware Spreads Through QR Code
2011.10 [welivesecurity] Android vulnerability patch time lag causes malware opportunity
2011.10 [trendmicro] Android Malware Uses Blog Posts as C&C
2011.09 [securelist] Malicious QR Codes Pushing Android Malware
2011.09 [welivesecurity] Android banking malware in the wild
2011.09 [mcafee] Spitmo vs Zitmo: Banking Trojans Target Android
2011.08 [welivesecurity] Android financial transactions on the rise - watch for malware
2011.08 [trendmicro] Android Malware Eavesdrops on Users, Uses Google+ as Disguise
2011.08 [trendmicro] Love Trap Android Malware Found in Third-Party App Stores
2011.08 [welivesecurity] Android malware: rapidly on the rise
2011.08 [trendmicro] Trojanized Android App Checks for Keywords in SMS Messages
2011.07 [virusbulletin] Zitmo trojan for Android defeats two-factor authentication
2011.07 [mcafee] Dissecting Zeus for Android (or Is It Just SMS Spyware?)
2011.07 [krebsonsecurity] ZeuS Trojan for Google Android Spotted
2011.07 [trendmicro] New Android Malware on the Road: GoldDream “Catcher”
2011.06 [trendmicro] Android Malware Acts as an SMS Relay
2011.06 [lookout] UPDATE: Security Alert: Android Trojan GGTracker Charges Premium Rate SMS Messages
2011.06 [sans] 8 Articles for Learning Android Mobile Malware Analysis
2011.06 [trendmicro] Analysis of DroidDreamLight Android Malware
2011.05 [securelist] Malware in the Android Market: here we go again
2011.05 [trendmicro] Android Malware Targets China Mobile Subscribers
2011.03 [securelist] Malware in the Android Market part 3
2011.03 [sans] DroidDream android malware analysis
2011.03 [trendmicro] Trojanized Apps Root Android Devices
2011.03 [securelist] Malware in the Android Market, part 2
2011.03 [securelist] Malware in the Android Market
2011.01 [trendmicro] Android Malware Spreads via Third-Party App Stores
2011.01 [alienvault] Inside Geinimi Android Trojan. Chapter Two: How to check remotely the presence of the trojan
2011.01 [alienvault] Inside Geinimi Android Trojan. Chapter One: Encrypted data and communication
2010.12 [sans] Android malware enters 2011
2010.09 [securelist] Android SMS Trojan Now Being Delivered via SEO Techniques
2010.08 [talosintelligence] Malware on Android? Big deal!
2010.08 [virusbulletin] Android SMS trojan goes wild
2010.08 [securelist] First SMS Trojan for Android
2010.08 [trendmicro] First Android Trojan in the Wild
2010.08 [oberheide] Dexcode Teardown of the Android SMS Trojan
2010.08 [alienvault] Analysis of Trojan-SMS.AndroidOS.FakePlayer.a
2010.03 [sans] Vodafone Android Phone: Complete with Mariposa Malware

<a id="fcb2e498f1a3378bf3e2dd5adda43e03"></a>取证

<a id="0cddb153bfea5b5abcf0f4a44be6ccc5"></a>工具

[395星][2m] [Py] den4uk/andriller a collection of forensic tools for smartphones
[255星][1m] [Py] orlikoski/cdqr a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices
[108星][5y] [Py] mspreitz/adel dumps all important SQLite Databases from a connected Android smartphone to the local disk and analyzes these files in a forensically accurate workflow
[108星][3y] projectretroscope/retroscope Public release of the RetroScope Android memory forensics framework
[41星][3y] [HTML] scorelab/androphsy An Open Source Mobile Forensics Investigation Tool for Android Platform
[26星][4y] [Py] cyberhatcoil/acf Android Connections Forensics
[8星][8y] [Py] agnivesh/aft [Deprecated] Android Forensic Toolkit

<a id="73a56c2788dc27af4f49cbf1811ee1e9"></a>文章

2018.06 [pediy] [翻译]WhatsApp取证：对加密数据库进行解密和在尚未被Root的Android设备上提取已删除的消息
2018.03 [hackers] Digital Forensics, Part 10: Mobile Forensics (Android)
2018.03 [360] WhatsApp取证技术：如何在未Root的Android设备上解密数据库
2018.01 [elcomsoft] Forensic Implications of Software Updates: iOS, Android, Windows 10 Mobile
2017.09 [arxiv] [1709.05296] Forensics Analysis of Android Mobile VoIP Apps
2017.09 [arxiv] [1709.05144] Performance of Android Forensics Data Recovery Tools
2017.08 [0x00sec] How to master Android Forensics?
2017.06 [arxiv] [1706.08045] An Android Cloud Storage Apps Forensic Taxonomy
2017.01 [nomotion] New Training Course – Android Forensics – No $5 Wrench Required!
2016.10 [arxiv] [1610.06721] Forensic Analysis of the ChatSecure Instant Messaging Application on Android Smartphones
2016.01 [elcomsoft] Forensic Acquisition: Android
2015.10 [hackingarticles] Android Mobile Device Forensics with Mobile Phone Examiner Plus
2015.10 [hackingarticles] How to Create a Forensic Image of Android Phone using Magnet Acquire
2015.10 [hackingarticles] Forensics Investigation of Android Phone using Andriller
2015.10 [hackingarticles] Logical Forensics of an Android Device using AFLogical
2015.07 [arxiv] [1507.07739] Forensic Analysis of WhatsApp Messenger on Android Smartphones
2015.06 [arxiv] [1506.05533] Mobile Cloud Forensics: An Analysis of Seven Popular Android Apps
2014.11 [vxsecurity] [ Super Funday Mini Series : LINE Forensic Artifacts – Android Edition ]
2014.11 [vxsecurity] [ Super Funday Mini Series : Viber Forensic Artifacts – Android Edition ]
2014.01 [arxiv] [1401.6444] Android Anti-forensics: Modifying CyanogenMod
2013.10 [cerbero] An analysis module for Android: announcing the Forensic Edition
2013.06 [volatility] MoVP II - 3.5 - Utilizing the kmem_cache for Android Memory Forensics
2013.05 [volatility] MoVP II - 3.2 - Linux/Android Memory Forensics with Python and Yara
2013.05 [sans] Digital Forensics Case Leads: First ICS HoneyPot, IEF EnScripts, Android Forensics, Unit 61398 - The APT1 guys, CALEA Act and more...
2013.04 [arxiv] [1304.4915] Forensic Analysis of Instant Messenger Applications on Android Devices
2013.01 [pediy] [推荐]Android取证和安全测试开放课程
2012.10 [securityartwork] Android Log Forensics
2012.06 [privacy] A Forensic Analysis of Android Network Traffic 5: Conclusions
2012.06 [privacy] A Forensic Analysis of Android Network Traffic 4: Geolocation by Google
2012.06 [privacy] A Forensic Analysis of Android Network Traffic 2: Research methodology
2012.06 [privacy] A Forensic Analysis of Android Network Traffic 3: Data harvesting by Zynga and Words With Friends
2012.06 [sogeti] Forensics on Android phones and security measures
2012.06 [privacy] A Forensic Analysis of Android Network Traffic
2012.01 [sans] Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011
2011.07 [toolswatch] Android Forensics made easy with viaExtract !!
2011.06 [sans] Digital Forensics Case Leads: Androids, Breaches, & Clouds All Around
2010.03 [sans] Open Source Android Digital Forensics Application

<a id="70cd678f065f0cbd109b5fb665aed139"></a>Hook

<a id="07c5aa963e1201a7c162ccb84ec1fb28"></a>XPosed

<a id="41ac1eb0f56af536a7aed91a6983e95f"></a>工具

[1763星][2y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
[1730星][4m] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
[708星][1m] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
[429星][4y] [Makefile] mindmac/androideagleeye An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.
[220星][1y] [C] gtoad/android_inline_hook Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.
[169星][2m] [Java] 546669204/wechatbot-xposed A WeChat robot unit ,based on the android xposed framework hook to implement WeChat app robot functions
[128星][2y] [Java] bmax121/budhook An Android hook framework written like Xposed,based on YAHFA.
[104星][5y] [Java] rednaga/dexhook DexHook is a xposed module for capturing dynamically loaded dex files.
[50星][1y] [Py] hrkfdn/deckard Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks

<a id="dc6d6d158e806f4f9d02ed8b43c5c501"></a>文章

2019.01 [fuping] 安卓APP测试之HOOK大法-Xposed篇
2018.09 [pediy] [原创]Android Hook 系列教程(一) Xposed Hook 原理分析
2018.03 [pediy] [分享]Xposed Hook Apk不在classes.dex中定义的类
2017.11 [pediy] [原创]Epic——ART上的Dexposed（无侵入式Hook框架）
2017.07 [pediy] [求助]xposed怎么hook一个主dex加载的jar(包含dex)
2015.01 [freebuf] 使用渗透测试框架Xposed Framework hook调试Android APP
2015.01 [attify] Xposed Framework for Android Hooking
2015.01 [attify] Xposed Framework for Android Hooking

<a id="7de48e67d0fc795c29ba29ea12c6db80"></a>Frida

<a id="f70d1610a9446395aa5de9cae70b43c3"></a>工具

[277星][2y] [Py] antojoseph/frida-android-hooks Lets you hook Method Calls in Frida ( Android )
[271星][1m] [JS] frenchyeti/dexcalibur Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
[99星][2y] [Java] piasy/fridaandroidtracer A runnable jar that generate Javascript hook script to hook Android classes.
[30星][9m] [TS] igio90/frida-onload Frida module to hook module initializations on android
[3星][3m] [Py] margular/frida-skeleton This repository is supposed to define infrastructure of frida on hook android including some useful functions

<a id="997a6a2140fc004cb639429adfb68ac7"></a>文章

2019.11 [securify] Android Frida hooking: disabling FLAG_SECURE
2019.01 [fuping] 安卓APP测试之HOOK大法-Frida篇
2019.01 [pediy] [原创]介召几个frida在安卓逆向中使用的脚本以及延时Hook手法
2018.09 [pediy] [原创]使用frida来hook加固的Android应用的java层
2018.07 [pediy] [原创]进阶Frida--Android逆向之动态加载dex Hook（三）（下篇）
2018.07 [pediy] [原创]进阶Frida--Android逆向之动态加载dex Hook（三）（上篇）
2018.06 [pediy] [原创]初识Frida--Android逆向之Java层hook (二)
2018.06 [pediy] [原创]初识Frida--Android逆向之Java层hook (一)
2017.04 [fuping] Android HOOK 技术之Frida的初级使用

<a id="4e9f32429486266721e7e21efa0ce727"></a>工具

[1572星][4m] [C] iqiyi/xhook a PLT (Procedure Linkage Table) hook library for Android native ELF
[1437星][1y] [Java] aslody/legend (Android)无需Root即可Hook Java方法的框架, 支持Dalvik和Art环境
[839星][1m] [C++] aslody/whale Hook Framework for Android/IOS/Linux/MacOS
[789星][1y] [C] ele7enxxh/android-inline-hook thumb16 thumb32 arm32 inlineHook in Android
[697星][11m] [Java] pagalaxylab/yahfa Yet Another Hook Framework for ART
[550星][1y] [Java] pagalaxylab/virtualhook Android application hooking tool based on VirtualApp
[448星][5y] [C++] boyliang/allhookinone all method hook approachs for android such as dalvik hook, art hook, elf hook and inline hook
[401星][2m] [Java] pqpo/inputmethodholder 通过hook监听系统键盘显示
[376星][2m] [C] turing-technician/fasthook Android ART Hook
[374星][4y] [Py] androidhooker/hooker Hooker is an opensource project for dynamic analyses of Android applications. This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application.
[332星][1m] [Java] mar-v-in/arthook Library for hooking on ART
[216星][3y] [Java] zhengmin1989/wechatsportcheat 手把手教你当微信运动第一名 – 利用Android Hook进行微信运动作弊
[195星][3m] [Java] panhongwei/androidmethodhook android art hook like Sophix
[190星][2m] [C++] aslody/elfhook modify PLT to hook api, supported android 5\6.
[129星][1m] [Java] turing-technician/virtualfasthook Android application hooking tool based on FastHook + VirtualApp
[120星][2m] [C++] melonwxd/elfhooker 兼容Android 32位和64位。基于EFL文件格式Hook的demo，hook了SurfaceFlinger进程的eglSwapBuffers函数，替换为new_eglSwapBuffers
[99星][1m] [C++] woxihuannisja/stormhook StormHook is a Android Hook Framework for Dalvik and Art
[58星][5m] [Java] nightoftwelve/virtualhookex Android application hooking tool based on VirtualHook/VirtualApp
[51星][5y] [C++] ikoz/androidsubstrate_hookingc_examples AndroidSubstrate_hookingC_examples
[48星][2m] [C] shunix/androidgothook GOT Hook implemented in Android
[38星][4m] [C++] chickenhook/chickenhook A linux / android / MacOS hooking framework
[24星][8m] [C++] dodola/dinlinehook simple art inline hook
[14星][2m] [C++] vito11/camerahook An prototype to hook android camera preview data of third-party and system apps
[2星][5y] [Java] nodoraiz/latchhooks Hack for Android app hooking using latch
[0星][3y] serval-snt-uni-lu/hookranker Automatically Locating Malicious Payload in Piggybacked Android Apps (A Hook Ranking Approach)

<a id="c52fb5d0961a84619a88a875380554c1"></a>文章

2019.01 [pediy] [原创]Whale -- ART Hook的最方案与实践
2019.01 [pediy] [原创]尝试着实现了一个 ART Hook
2018.11 [bugbountywriteup] Android Hook — ASIS CTF Final 2018 — Gunshops Question Walkthrough
2018.09 [pediy] [原创]Android Hook 系列教程(二) 自己写APK实现Hook Java层函数
2018.01 [360] YAHFA--ART环境下的Hook框架
2017.08 [pediy] [原创]StormHook:Android侵入式Hook框架
2017.06 [4hou] AssetHook：Android应用资源数据运行时编辑工具
2017.05 [pediy] [原创]全能HOOK框架 JNI NATIVE JAVA ART DALVIK
2017.03 [aliyun] 浅谈Android Hook技术
2017.02 [360] 使用高级反调试与反HOOK的安卓恶意ROOT软件的深度分析（二）：JAVA层分析
2017.02 [360] 使用高级反调试与反HOOK的安卓恶意ROOT软件的深度分析（一）：NATIVE层的调试
2017.02 [venus] 深度分析使用高级反调试和反hook的Android Rootnik Malware，Part II：分析JAVA层
2017.02 [venus] 深度分析使用高级反调试和反hook的Android Rootnik Malware，Part I：在Native层调试
2017.01 [fortinet] Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part I: Debugging in The Scope of Native Layer
2017.01 [fortinet] Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java
2017.01 [360] hook Android系统调用的乐趣和好处
2017.01 [pediy] [原创]安卓Hook函数的复杂参数如何给定？
2016.09 [pediy] [分享]Hook Android C代码基础总结
2016.06 [securitygossip] ArtHook: Callee-side Method Hook Injection on the New Android Runtime ART
2016.06 [sjtu] ArtHook: Callee-side Method Hook Injection on the New Android Runtime ART
2016.03 [sensepost] Android hooking with Introspy
2016.01 [ele7enxxh] Android Arm Inline Hook
2016.01 [freebuf] Android系统调用hook研究（一）
2015.12 [d3adend] Android Anti-Hooking Techniques in Java
2015.12 [d3adend] Android Anti-Hooking Techniques in Java
2015.11 [pediy] [原创]开源　Android inline hook
2015.09 [pediy] [原创]Android5.1 Art Hook 技术分享，求加精转正式会员
2015.09 [360] 手把手教你当微信运动第一名 – 利用Android Hook进行微信运动作弊
2015.06 [koz] Substrate - hooking C on Android
2015.05 [evilsocket] Android Native API Hooking With Library Injection and ELF Introspection.
2015.04 [L173864930] Android Art Hook 技术方案
2014.12 [gdssecurity] Hooking Non-Public Methods With the NDK - Using Mobile Substrate For Android Part 2
2014.11 [ele7enxxh] Android GOT表HOOK技术
2014.10 [L173864930] 基于Android的ELF PLT/GOT符号重定向过程及ELF Hook实现（by 低端码农 2014.10.27）
2014.10 [pediy] [原创]基于Android的ELF PLT/GOT符号重定向过程及ELF Hook实现
2014.08 [Roland] Android平台下Dalvik层hook框架ddi的研究
2014.06 [Roland] Android平台下hook框架adbi的研究（下）
2014.06 [Roland] Android平台下hook框架adbi的研究（上）
2014.03 [pediy] [原创]注入安卓进程,并hook java世界的方法
2013.12 [u011069813] Android中的so注入(inject)和挂钩(hook) - For both x86 and arm
2013.11 [] Android下通过hook技术实现透明加解密保障数据安全
2013.08 [jinzhuojun] Android中的so注入(inject)和挂钩(hook) - For both x86 and arm
2013.07 [u011069813] android hook api

<a id="df9d9982d70a9b99fdfc0c27bac60e12"></a>加固&&破解

<a id="c8cd36b0b75c53d7b4caa914f6dd2600"></a>其他

<a id="5b17938e2cb613edbe566bc475877103"></a>Dalvik

<a id="d1c1bf3368f35715c87fa697dc021d06"></a>工具

[432星][5m] [Java] aosp-mirror/platform_dalvik mirrored from https://android.googlesource.com/platform/dalvik.git
[362星][5y] [C] crmulliner/ddi Dynamic Dalvik Instrumentation Toolkit
[238星][2m] [Java] dexpatcher/dexpatcher-tool Android Dalvik bytecode patcher.
[130星][10m] [OCaml] plum-umd/redexer The Redexer binary instrumentation framework for Dalvik bytecode
[94星][5y] [Py] thuxnder/dalvik-obfuscator a set of tools/scripts to obfuscate and manipulate dex files
[87星][2y] [Shell] jakewharton/dalvik-dx A standalone packaging of AOSP's platform/dalvik dx library.
[65星][2y] [Py] cryptax/dextools Miscellaenous DEX (Dalvik Executable) tools
[50星][3y] [C] leonnewton/selfmodify Dalvik字节码自篡改原理及实现
[41星][2m] [C#] sailro/dexer Dexer is an open source framework, written in C#, that reads and writes .DEX files (Dalvik Executable Format) used by the Android Open Source Project.
[40星][7y] [C++] taintdroid/android_platform_dalvik Mirror of git://android.git.kernel.org/platform/dalvik.git with TaintDroid additions (mirror lags official Android)
[33星][5m] [Nim] akavel/dali Indie assembler/linker for Dalvik VM .dex & .apk files (Work In Progress)
[17星][7y] [C++] strazzere/dalvik-header-plugin Dalvik Header Plugin for IDA Pro
[6星][2y] [Py] silentsignal/android-param-annotate Android parameter annotator for Dalvik/Smali disassembly

<a id="66b8d79829c4b1448d9ad702333097d8"></a>文章

2019.08 [aliyun] 深入理解Apk加固之Dex保护
2019.07 [aliyun] Dex简单保护
2019.06 [4hou] 开发一个基于Dalvik字节码的相似性检测引擎，比较同一款Android应用程序的不同版本之间的代码差异（二）
2019.06 [4hou] 开发一个基于Dalvik字节码的相似性检测引擎，比较同一款Android应用程序的不同版本之间的代码差异（一）
2018.04 [pediy] [原创]Dalvik解释器源码到VMP分析
2018.01 [pediy] [原创][原创]dalvik虚拟机启动及运行原理的研究
2017.06 [pnfsoftware] Android O and DEX 38: Dalvik Opcodes for Dynamic Invocation
2017.06 [arxiv] [1706.06925] Static Dalvik VM bytecode instrumentation
2016.08 [calebfenton] Understanding Dalvik Static Fields part 2 of 2
2016.08 [arxiv] [1608.04362] Computational Soundness for Dalvik Bytecode
2016.07 [pediy] [原创]Dalvik字节码自篡改原理及实现
2016.04 [securityblog] Dalvik dex format assembler and disassembler
2016.02 [pediy] [原创]翻译，IDA调试Dalvik
2015.12 [Innost] 深入理解Android之Java虚拟机Dalvik
2015.11 [angelalonso] Android malware (emmental) dynamic Analysis with ddms (Dalvik Debug Monitor)
2015.07 [Roland] Dalvik虚拟机中DexClassLookup结构解析
2015.07 [Roland] Dalvik虚拟机中RegisterMap结构解析
2015.07 [pnfsoftware] Android Dalvik, inside OAT, inside ELF
2014.12 [Luoshengyang] Dalvik虚拟机垃圾收集（GC）过程分析
2014.12 [Luoshengyang] Dalvik虚拟机为新创建对象分配内存的过程分析
2014.12 [Luoshengyang] Dalvik虚拟机Java堆创建过程分析
2014.11 [Luoshengyang] Dalvik虚拟机垃圾收集机制简要介绍和学习计划
2014.07 [hexblog] IDA Dalvik debugger: tips and tricks
2014.01 [Luoshengyang] Android ART运行时无缝替换Dalvik虚拟机的过程分析
2013.12 [reyammer] The "behind the scene" of DexWare, a DalvikVM based service for the iCTF 2013.
2013.08 [pediy] [原创]运行时自篡改dalvik字节码delta.apk原理解析（逆向）
2013.07 [u011069813] Dalvik虚拟机相关的可执行程序
2013.06 [Luoshengyang] Dalvik虚拟机进程和线程的创建过程分析
2013.05 [volatility] Automated Volatility Plugin Generation with Dalvik Inspector
2013.05 [pediy] [转帖]反编译必备文档。。Dalvik虚拟机操作码
2013.05 [Luoshengyang] Dalvik虚拟机JNI方法的注册过程分析
2013.05 [Luoshengyang] Dalvik虚拟机的运行过程分析
2013.05 [Luoshengyang] Dalvik虚拟机的启动过程分析
2013.05 [Luoshengyang] Dalvik虚拟机简要介绍和学习计划
2013.04 [pediy] [翻译]Android安全分析挑战：运行时篡改Dalvik字节码
2013.04 [volatility] Android Application (Dalvik) Memory Analysis & the Chuli Malware
2012.12 [freebuf] Android安全之Dalvik虚拟机&反汇编格式视频讲解
2012.12 [pediy] [原创]Dalvik寄存器&反汇编格式视频讲解
2012.08 [mr] Android本地服务的启动 - zygote服务及Dalvik环境启动
2012.05 [lilu] android中ADT版本问题： java.lang.NoClassDefFoundError和conversion to dalvik format failed with error 1错误
2011.10 [Melody] DalVik学习之利器篇--如何使用smali
2011.09 [Melody] DalVik学习之LEB128是神马
2010.12 [androidcracking] what are these empty methods in dalvik?
2009.12 [mylifewithandroid] Understanding the Dalvik bytecode with the Dedexer tool
2008.12 [mylifewithandroid] The Dalvik opcodes

<a id="884f1a8ba4dc1bba9a0d7ecb748fd28c"></a>APK-Xxx

<a id="a4b01e00010adcea40d99cd2047eed8b"></a>工具

[14704星][3m] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
[6265星][3m] [Java] droidpluginteam/droidplugin A plugin framework on android,Run any third-party apk without installation, modification or repackage
[1879星][1m] [Java] yeriomin/yalpstore Download apks from Google Play Store
[1521星][6m] [C++] vaibhavpandeyvpz/apkstudio Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
[1329星][1y] [Shell] dana-at-cp/backdoor-apk a shell script that simplifies the process of adding a backdoor to any Android APK file.
[1215星][2m] [Java] javiersantos/piracychecker An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
[914星][7y] [Java] sonyxperiadev/apkanalyser ApkAnalyser
[745星][2m] [YARA] rednaga/apkid Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
[685星][1m] [Batchfile] ufologist/onekey-decompile-apk 一步到位反编译apk工具(onekey decompile apk)
[678星][7y] [Java] honeynet/apkinspector APKinspector is a powerful GUI tool for analysts to analyze the Android applications.
[589星][4m] [Java] alexzaitsev/apk-dependency-graph Android class dependency visualizer. This tool helps to visualize the current state of the project.
[552星][5y] [Shell] lxdvs/apk2gold CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!
[544星][1y] [Java] jaredrummler/apkparser APK parser for Android
[541星][1m] [Java] windysha/xpatch 免Root实现app加载Xposed插件工具。This is a tool to repackage apk file, then the apk can load any xposed modules installed in the device. It is another way to hook an app without root device.
[502星][3m] [TS] shroudedcode/apk-mitm
[495星][4m] [Shell] s0md3v/diggy Extract endpoints from apk files.
[391星][6m] [Java] patrickfav/uber-apk-signer A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
[376星][2y] [Shell] m4sc3r4n0/evil-droid 创建和生成并嵌入APK Payload，用来渗透android平台
[332星][2m] [Shell] 1n3/reverseapk Quickly analyze and reverse engineer Android packages
[304星][2m] [Shell] venshine/decompile-apk APK 反编译
[289星][2m] [Py] abhi-r3v0/adhrit Android Security Suite for APK reversing, in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
[288星][5m] [Java] appium/sign Sign.jar automatically signs an apk with the Android test certificate.
[283星][3y] [Java] fourbrother/icodetools Android中动态自动插入代码到apk中工具
[266星][2y] [Java] l-jinbin/apksignaturekiller 一键破解APK签名校验
[253星][2y] [Java] godlikewangjun/dexknife-wj apk加固插件带签名校验、dex加密、资源混淆
[230星][4y] [Ruby] strazzere/apkfuscator A generic DEX file obfuscator and munger
[196星][2m] [Py] claudiugeorgiu/obfuscapk A black-box obfuscation tool for Android apps
[190星][3y] [Py] andy10101/apkdetecter Android Apk查壳工具及源代码
[181星][2m] [JS] chenquincy/app-info-parser A javascript parser for parsing .ipa or .apk files. IPA/APK文件 js 解析器
[175星][4m] [Java] calebfenton/apkfile Android app analysis and feature extraction library
[168星][2y] [Py] certcc/keyfinder A tool for finding and analyzing private (and public) key files, including support for Android APK files.
[161星][2y] [Java] iqiyi/dexsplitter Analyze contribution rate of each module to the apk size
[149星][2y] [Py] mhelwig/apk-anal Android APK analyzer based on radare2 and others.
[148星][2m] [Py] yukiarrr/il2cppspy Unity IL2CPP Disassembler (for apk)
[135星][5y] [Java] wanchouchou/apkprotect 通付盾第一代安全加固方案
[109星][2m] [Py] quarkslab/legu_unpacker_2019 Scripts to unpack APK protected by Legu
[107星][1m] [Py] zsdlove/apkvulcheck This is a tool to help androidcoder to check the flaws in their projects.
[107星][7m] [Py] alessandrodd/apk_api_key_extractor Automatically extracts API Keys from APK files
[106星][2m] [Py] virb3/apk-utilities A cross-platform suite of scripts and utilities for working with APK files
[96星][2y] [Shell] adi1090x/hackapk An Advanced Tool For Complete Apk-Modding In Termux ...
[95星][2y] [Shell] jbreed/apkwash Android APK Antivirus evasion for msfvenom generated payloads.
[94星][6m] [Py] furniel/apk-changer Command line program for modifying apk files
[85星][11m] [C++] kefir500/apk-icon-editor APK editor to easily change APK icons, name and version.
[83星][1m] [Py] wulio/coeus Android apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描
[81星][1m] [Kotlin] linkedin/dex-test-parser Find all test methods in an Android instrumentation APK
[79星][3y] [Ruby] xc0d3rz/metasploit-apk-embed-payload Embed a Metasploit Payload in an Original .Apk File
[71星][1m] [Shell] hax4us/apkmod Apkmod can decompile, recompile, sign APK, and bind the payload with any legit APP
[69星][3m] [C++] kefir500/apk-editor-studio Powerful yet easy to use APK editor.
[65星][3m] [C++] sisong/apkdiffpatch a C++ library and command-line tools for Zip(Jar,Apk) file Diff & Patch; create minimal delta/differential; support Jar sign(apk v1 sign) & apk v2,v3 sign .
[62星][11m] [Py] andy10101/apksecurityanalysis ApkSecurityAnalysis
[61星][5y] [Py] hamiltoniancycle/classnamedeobfuscator Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines.
[50星][3y] [Shell] osm0sis/apk-patcher Patch APKs on-the-fly from Android recovery (Proof of Concept)
[49星][3y] [Py] mothran/apkminer Parallel APK analyzer
[49星][2m] [Java] catherine22/classloader Loading apks or classes without reinstalling your app.
[48星][3y] [Java] linsea/apkcompare A tool to compare 2 version APKs to find out files change. 比较两个版本的APK以找出文件大小变化的工具
[47星][8m] [Py] cryptax/angeapk Encrypting a PNG into an Android application
[47星][3y] [Shell] onbiron/apk-resigner A bash script utility for resining Android Package (APK) files.
[46星][6y] [Py] funsecurity/apk_binder_script apk binder script
[42星][3y] [Shell] jbreed/apkinjector Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.
[40星][3y] [Py] h0nus/spynoteshell Simple Python tool for backdooring apks files (with meterpreter or shell of Metasploit)
[35星][9m] [Shell] robertohuertasm/apk-decompiler Small Rust utility to decompile Android apks
[33星][3y] [Ruby] skulltech/apk-payload-injector POC for injecting Metasploit payloads on arbitrary APKs
[32星][1y] [Java] project-artist/dexterous Library and standalone CLI tool for apk/dex merging, repackaging and signing. Can also get used as a dex analyzer framework.
[29星][2m] [Java] martinstyk/apkanalyzer Java tool for analyzing Android APK files
[29星][3m] [Go] avast/apkparser APK manifest & resources parsing in Golang.
[26星][1y] [Ruby] ajitsing/apktojava View android apk as java code in gui
[26星][4m] [Java] calebfenton/resequencer Configurable, flexible regex-based APK modification tool.
[21星][3y] [Py] kudelskisecurity/check_all_apks Check All APK's -- scripts for checking your phone for malware
[20星][5m] [Py] hexabin/apkstat Automated Information Retrieval From APKs For Initial Analysis
[20星][3m] [Shell] gzu-liyujiang/apkdecompiler 【Linux系统】上apk反编译助手，已打包为ApkDecompiler.deb，支持debian系linux，如debian、ubuntu、mint、deepin等等
[20星][2y] [Go] phinexdaz/ipapk ipa or apk parser written in golang, aims to extract app information
[19星][5m] [Go] avast/apkverifier APK Signature verification in Go. Supports scheme v1, v2 and v3 and passes Google apksig's testing suite.
[17星][5y] [JS] dweinstein/node-aptoide aptoide app store APK download
[15星][10m] [C] magisterquis/pcapknock Watches for trigger packets, runs commands or spawns a shell
[14星][4y] [Py] ryanwsmith/apkinspector
[14星][2y] [Py] fourspaces/reverse_lianjia_wxapkg 逆向链家微信小程序，解析请求的加密方式获取数据
[13星][3y] [Scala] fschrofner/glassdoor glassdoor is a modern, autonomous security framework for Android APKs. POC, unmaintained unfortunately.
[13星][2m] [Java] iamyours/apkcrack A tool that make your apk debuggable for Charles/Fiddler in Android 7.0
[12星][6y] [Ruby] nvisium/ruby_apk_unpack Ruby Gem to Unpack APK(s)
[12星][2m] [JS] shahidcodes/android-nougat-ssl-intercept It decompiles target apk and adds security exception to accept all certificates thus making able to work with Burp/Charles and Other Tools
[12星][2m] [Java] orhun/apkservinject Tool for injecting (smali) services to APK files
[11星][8m] [Ruby] fuzion24/webapkcrawler Uses Google to search for .apks hosted on websites and downloads them
[9星][3y] [Py] voider1/a2scomp A tool to make it easier to change the SMALI of an APK
[8星][3y] [Shell] manofftoday/venomdroid3 Script that easily creates, signs and AV bypass .apk metasploit reverse_tcp payload.
[7星][3y] [Ruby] strazzere/ewmami A gem will allow you to query the Google Play APK Verification (AntiMalware) service
[6星][1y] as0ler/android-examples APK's used as example Apps for decompiling
[4星][1m] [Py] technowlogy-pushpender/apkinfector Advanced Android AV Evasion Tool Written In Python 3 that can Embed/Bind meterpreter APK to any Legitimate APK
[3星][4m] [Shell] deadport/apkill Pentest script for Aircrack-ng on debianesque systems that makes deauthing clients and catching handshakes of WiFi simple and fast.
[3星][12m] [Visual Basic .NET] pericena/apkcpd Compilar aplicaciones apk
[3星][11m] [Visual Basic .NET] pericena/apkdcx Los programas nos ayudara a poder descomprimir o descompilar las aplicaciones que son desarrollada en Android, con la extensión”.apk “para poder modificar el código y mejorar la aplicación.
[2星][1y] [Py] thor509/apk_digger
[1星][1y] [Py] b11001010/koodous-report-downloader Get apk's analysis report from
[1星][6y] huyle333/androidmitllctf2013 BUILDS Team 2 Android code from the MIT LL CTF 2013 for future reference. A list of APK files with different functions.
[0星][5y] [C++] raziel23x/apk-gamers-side-shooter

<a id="ef7dc42448191170a38b470d6df851fc"></a>ADB

<a id="ade3cb4479c4d96476509d1d7b4584b8"></a>工具

[607星][5m] [Py] ashishb/adb-enhanced
[585星][1m] [Py] metachar/phonesploit Using open Adb ports we can exploit a Andriod Device
[561星][2m] [Shell] corbindavenport/nexus-tools Bash script for quickly installing ADB and Fastboot on macOS and Linux.
[470星][7y] [Shell] kosborn/p2p-adb Phone to Phone Android Debug Bridge - A project for "debugging" phones... from other phones.
[401星][1m] [Java] rikkaapps/shizuku Help normal apps using system APIs directly with adb/root privileges through a Java process started with app_process.
[258星][2m] [Shell] 4ch12dy/xadb some useful adb commands for android reversing and debugging both 32 and 64 bit and support macOS and win10's MINGW64.
[242星][1y] [Py] tiann/super-adb Enhance the adb shell using busybox, supporting vi、grep and awk etc. No need root.
[206星][3y] [Java] cgutman/adblib A Java library implementation of the ADB network protocol
[206星][2y] [C#] labo89/adbgui Wrapper for Android Debug Bridge (ADB) written in C#
[148星][1m] [Shell] izzysoft/adebar Android DEvice Backup And Report, using Bash and ADB
[125星][8m] [Ruby] mttkay/replicant A REPL for the Android Debug Bridge (ADB)
[122星][5y] irsl/adb-backup-apk-injection Android ADB backup APK Injection POC
[104星][4m] [Py] huuck/adbhoney Low interaction honeypot designed for Android Debug Bridge over TCP/IP
[103星][1m] [JS] webadb/webadb.js ADB host implementation based on WebUSB
[92星][2m] [Java] rikkaapps/wadb A simple switch for adb (Android Debug Bridge) over network.
[88星][3m] [Java] patrickfav/uber-adb-tools A tool that enables advanced features through adb installing and uninstalling apps like wildcards and multi device support. Useful if you want to clean your test device from all company apks or install a lot of apks in one go. Written in Java so it should run on your platform.
[41星][5y] [Py] techbliss/adb_helper_qt_super_version All You Need For Ida Pro And Android Debugging
[39星][3y] [JS] naman14/gnome-android-tool Gnome shell extension for adb tools
[33星][1m] [Py] entynetproject/ghost Ghost Framework is an Android post exploitation framework that uses an Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
[28星][7m] [Go] cs8425/go-adbbot android bot based on adb and golang
[14星][1m] [Shell] ashwin990/adb-toolkit ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!
[8星][3m] [Lua] wazehell/remote-adb-scan pure python remote adb scanner + nmap scan module
[3星][3y] prashantmi/android-h Android Hacker is a software based on ADB (Android Debug Bridge) and can compromise any "Android Device"

<a id="0ad73dcc365a651ead2ea75d93c5be9b"></a>文章

2020.03 [hakin9] Ghost Framework - uses an ADB to remotely access an Android device
2019.10 [serializethoughts] RageAgainstTheCage - Revisting Android adb setuid Exhaustion Attack
2019.08 [4hou] ARES ADB IOT僵尸网络分析
2019.06 [ATTTechChannel] 6/28/19 Cryptocurrency Mining Botnet Arrives Through ADB | AT&T ThreatTraq
2019.06 [trendmicro] Cryptocurrency Mining Botnet Arrives Through ADB and Spreads Through SSH
2019.06 [HackerSploit] Exploiting Android Through ADB With PhoneSploit
2019.03 [urlteam] Android自动化之-解锁系列-ADB解锁锁屏与模拟九宫格密码
2019.03 [urlteam] Android自动化之-解锁系列-ADB解锁锁屏与模拟九宫格密码
2019.03 [urlteam] Android自动化之-解锁系列-ADB解锁锁屏与模拟九宫格密码
2019.03 [urlteam] Android自动化之-ADB与ADB shell常用命令
2019.01 [freebuf] Android取证：使用ADB和DD对文件系统做镜像
2018.12 [nsfocus] ADB. Mirai: 利用ADB调试接口进行传播的Mirai新型变种僵尸网络
2018.12 [pediy] [原创]利用无线ADB调试设计缺陷监控Android设备
2018.12 [andreafortuna] Android取证: 使用ADB和DD对文件系统做镜像
2018.10 [ixiacom] Trinity - P2P Malware Over ADB
2018.09 [bitdefender] Hide and Seek IoT Botnet Learns New Tricks: Uses ADB over Internet to Exploit Thousands of Android Devices
2018.08 [madrobot] Exploiting Android Devices Running Insecure Remote ADB Service
2018.08 [freebuf] Satori变种利用开放的ADB端口在Android设备中传播
2018.07 [4hou] 开放的ADB端口被用于在Android设备中传播Satori变体
2018.07 [trendmicro] Open ADB Ports Being Exploited to Spread Possible Satori Variant in Android Devices
2018.07 [ironcastle] Worm (Mirai?) Exploiting Android Debug Bridge (Port 5555/tcp), (Tue, Jul 10th)
2018.07 [sans] Worm (Mirai?) Exploiting Android Debug Bridge (Port 5555/tcp)
2018.02 [freebuf] ADB配置提权漏洞（CVE-2017-13212）原理与利用分析
2018.02 [freebuf] ADB.Miner：恶意代码正在利用开放了ADB 接口的安卓设备挖矿
2018.02 [hispasec] ADB.Miner: nueva botnet dedicada al minado de criptomonedas
2018.02 [360] ADB.Miner: More Information
2018.02 [360] ADB.Miner 安卓蠕虫的更多信息
2018.02 [360] ADB.Miner：恶意代码正在利用开放了ADB 接口的安卓设备挖矿
2018.02 [360] Early Warning: ADB.Miner A Mining Botnet Utilizing Android ADB Is Now Rapidly Spreading
2018.02 [360] ADB.Miner：恶意代码正在利用开放了ADB 接口的安卓设备挖矿
2017.08 [pediy] [原创]通过ADB与activity管理器交互
2017.03 [nxadmin] adb连接海马玩模拟器
2016.01 [jeffvanderstoep] Android: How to run your script/binary from adb in the application sandbox
2015.05 [flanker017] ADB backupAgent 提权漏洞分析（CVE-2014-7953）
2014.06 [pediy] [原创]ADB学习笔记2——adb_main和其相关数据结构
2014.06 [pediy] [原创]adb学习笔记1——adb流程简介
2014.02 [21cnbao] Android adb setuid提权漏洞的分析
2013.08 [pediy] [原创]通过adb悄悄安装apk并启动
2013.06 [u011069813] 开启了ADB，就等于配了一把家门钥匙给别人！
2013.06 [u011069813] adb 增加认证功能
2013.06 [freebuf] Android ICS adb调试工具系统还原目录遍历漏洞（可提权）
2013.06 [lhj0711010212] Android adb shell启动应用程序的方法
2013.05 [lhj0711010212] Android之adb环境变量配置标签
2013.05 [lhj0711010212] adb uninstall卸载apk文件说明
2013.01 [arduino] An Arduino-based ADB-to-USB adapter for NeXT keyboards
2012.12 [trustwave] Abusing the Android Debug Bridge
2012.12 [xianming01] android基础知识12：android自动化测试06—Instrumentation 06 adb shell am
2012.08 [jinzhuojun] bash: ./adb: No such file or directory
2012.08 [jinzhuojun] VirtualBox中从guest系统中用adb与连在host上的设备通信
2012.05 [21cnbao] 让Android adb运行在ARM平台上
2012.02 [conowen] 【整理】adb命令、adb shell与Linux各种命令（busybox）
2011.12 [winsunxu] android adb 端口转发
2011.11 [xyz] adb logcat 查看日志
2011.11 [nvisium] Kindle Fire Security, Part II- ADB, DropBox Manager
2011.11 [xyz] adb shell top
2011.11 [xyz] adb shell 命令
2011.11 [xyz] adb shell dumpsys 命令查看内存
2011.07 [pediy] [原创]Android adb setuid提权漏洞的分析
2011.03 [androidcracking] spoof getinstallerpackagename with adb
2011.01 [c] adb trickery #2
2009.05 [beyoundtestdrive] connect G1 phone to adb on Ubuntu

<a id="92fdafffc262b0a0427a9f2e40203503"></a>IDA Pro

<a id="50fae763dd75614bc2f4390fba4925a3"></a>工具

[122星][4y] [Py] cvvt/dumpdex 基于IDA python的Android DEX内存dump工具
[84星][2y] [Py] zhkl0228/androidattacher IDA debugging plugin for android armv7 so
[39星][3y] [Py] thecjw/ida_android_script 辅助Android调试的IDAPython脚本
[29星][9m] [Py] enovella/re-scripts IDA/Ghidra/Radare2脚本收集（无文档）

<a id="f19c751a88ffad37105cdd3da817e70a"></a>文章

2017.10 [pediy] [原创]-------------IDA调试 android so文件的10个技巧
2016.03 [pediy] [原创]IDA插件，一键附加调试android so
2016.01 [pediy] [原创]Android 5.0 + IDA 6.8 调试经验分享
2013.06 [trustwave] 使用IDA调试Android库
2012.02 [pediy] [原创]IDA Android Remote Debug
2011.10 [pediy] [转帖]IDA PRO 6.1 远程调试 Android
2011.07 [pediy] 关于ida调试android elf可执行文件

<a id="ac4c5990ef8ae8de989ee9160684127b"></a>Frida

<a id="5200b384a3876135b11fedf6f23496ce"></a>工具

[926星][8m] [JS] dpnishant/appmon 用于监视和篡改本地macOS，iOS和android应用程序的系统API调用的自动化框架。基于Frida。
[550星][7m] [JS] wooyundota/droidsslunpinning Android certificate pinning disable tools
[510星][1m] [JS] lyxhh/lxhtoolhttpdecrypt Simple Android/iOS protocol analysis and utilization tool
[208星][1m] [JS] xiaokanghub/frida-android-unpack this unpack script for Android O and Android P
[185星][2m] [TS] chame1eon/jnitrace A Frida based tool that traces usage of the JNI API in Android apps.
[114星][2y] [C] b-mueller/frida-detection-demo Some examples for detecting frida on Android
[106星][1m] [JS] thecjw/frida-android-scripts Some frida scripts
[104星][3m] [JS] frida/frida-java-bridge Java runtime interop from Frida
[88星][2y] [Py] mind0xp/frida-python-binding Easy to use Frida python binding script
[78星][4m] [JS] andreafioraldi/frida-js-afl-instr An example on how to do performant in-memory fuzzing with AFL++ and Frida
[65星][2m] [C] darvincisec/detectfrida Detect Frida for Android
[57星][11m] [JS] hamz-a/frida-android-libbinder PoC Frida script to view Android libbinder traffic
[55星][1m] [Java] igio90/fridaandroidinjector Inject frida agents on local processes through an Android app
[54星][2m] [Py] hamz-a/frida-android-helper Frida Android utilities
[52星][1y] feicong/zsxq_archives 【软件安全与知识星球】精华文章列表
[50星][1y] [JS] fortiguard-lion/frida-scripts some FRIDA scripts used for Android RE
[46星][3y] [Py] ikoz/jdwp-lib-injector inject native shared libraries into debuggable Android applications
[43星][1m] [TS] oleavr/frida-agent-example Example Frida agent written in TypeScript
[31星][2m] [JS] fsecurelabs/android-keystore-audit
[30星][1y] [JS] ioactive/bluecrawl Frida (Android) Script for extracting bluetooth information
[21星][1m] [JS] iddoeldor/mplus Intercept android apps based on unity3d (Mono) using Frida
[19星][2y] [Py] notsosecure/dynamic-instrumentation-with-frida Dynamic Instrumentation with Frida
[18星][3m] [Py] igio90/fridaandroidtracer Android application tracer powered by Frida
[1星][1y] [JS] ddurando/frida-scripts

<a id="f9fd19a349a4b18d553d0c4ec4865764"></a>文章

2020.03 [freebuf] 如何使用Frida绕过Android网络安全配置
2019.10 [freebuf] 使用Frida绕过Android App的SSL Pinning
2019.04 [ved] Hail Frida!! The Universal SSL pinning bypass for Android.
2019.04 [securify] Frida Android libbinder
2018.12 [pediy] [原创] Frida操作手册-Android环境准备
2018.11 [4hou] 使用FRIDA为Android应用进行脱壳的操作指南
2018.11 [pediy] [原创]Frida Bypass Android SSL pinning example 1
2018.11 [360] 如何使用FRIDA搞定Android加壳应用
2018.11 [fortinet] How-to Guide: Defeating an Android Packer with FRIDA
2018.10 [serializethoughts] Bypassing Android FLAG_SECURE using FRIDA
2018.06 [pediy] [原创]关于android 微信 frida 使用技巧
2018.05 [aliyun] Frida.Android.Practice (ssl unpinning)
2018.03 [pediy] [翻译]使用 Frida 逆向分析 Android 应用与 BLE 设备的通信
2018.02 [pentestpartners] Reverse Engineering BLE from Android apps with Frida
2017.08 [360] 如何利用Frida实现原生Android函数的插桩
2017.08 [notsosecure] 如何动态调整使用 Android 的NDK 编写的代码，即：使用 Frida Hook C/ C++ 开发的功能。
2017.07 [360] 使用Frida绕过Android SSL Re-Pinning
2017.07 [mediaservice] 使用 Frida 绕过 AndroidSSL Pinning
2017.07 [koz] 无需 Root 向 AndroidApp 中注入原生库（例如 Frida）
2017.06 [360] 利用FRIDA攻击Android应用程序（四）
2017.05 [4hou] Android APP破解利器Frida之反调试对抗
2017.05 [360] 利用FRIDA攻击Android应用程序（三）
2017.04 [codemetrix] Hacking Android apps with FRIDA III - OWASP UnCrackable 2
2017.04 [koz] 不用Root就可以在安卓上使用Frida。
2017.03 [360] 利用FRIDA攻击Android应用程序（二）
2017.03 [360] 利用FRIDA攻击Android应用程序（一）
2017.03 [notsosecure] 使用 Frida 审计安卓App和安全漏洞
2017.03 [codemetrix] 使用Frida Hack安卓App（Part 2）
2017.03 [codemetrix] 使用Frida Hack安卓App（Part 1）

<a id="ea3c7c05861352ae1d05ce28cf745e7e"></a>工具

<a id="39226e999eb0a6673919aeea22921d0b"></a>文章

贡献

内容为系统自动导出, 有任何问题请提issue

Awesome

所有收集类项目

Android

目录

<a id="68d90d74dca98b4812bd082767343703"></a>资源收集

<a id="767078c52aca04c452c095f49ad73956"></a>Github Repo

<a id="d3edc24d146d61221786f8e89c902397"></a>知名分析工具

<a id="c52b14cea935b701a421cb2d44c590d3"></a>ClassyShark

<a id="4a8b5558129606951cf406d3717efc25"></a>工具

<a id="ebb31da97d52038330587e11aa3b7663"></a>文章

<a id="98e0f17cd07a3cf1e8ffc43a6237ecc6"></a>jeb

<a id="56d0739e51ee737ac2dc2000714eb920"></a>工具

<a id="3205cec7f053205545589f9b332a3708"></a>文章

<a id="190a50af2c6e312dab59310243dc9a07"></a>enjarify

<a id="1ab52c0bb8444157e2a6217c2c7a1783"></a>工具

<a id="a2e68c9be0b242e3fb4fd42a262c471a"></a>文章

<a id="019813c8858057c3b079ba9fbda7e61f"></a>androguard

<a id="57ab0c9888130e35c2fc37f97537fdd3"></a>工具

<a id="0d6b1003c6e834560d9860f77f10e6b1"></a>文章

<a id="f136c28b41053e3d884385f33da22bb5"></a>jadx

<a id="b36c7a8866ead5febf57b179811d6b35"></a>工具

<a id="bbf5db01b18fc4ceacd7d1bb6e456807"></a>文章

<a id="51f8cd240758c6723fe59e5fb7b5a941"></a>jd-gui

<a id="732953dd03c164baa82b5189a1e883bb"></a>工具

<a id="b1b9fcec9b1935d4a5373e9907d5d1bb"></a>文章

<a id="d9716319ad6dac60048651a18e2b0a4b"></a>dex2jar

<a id="541b58e9a1ee2bebf1295ae116fafa4d"></a>工具

<a id="32f4773a7e0739def1ab014fadb3db88"></a>文章

<a id="6d92b271b2e90e8b03d873712722adbe"></a>apktool

<a id="2f014ba4bc98fef37272a1e4acc399f2"></a>工具

<a id="8b6c1a37516d86d729d05ad769e5d681"></a>文章

<a id="63bfb9519c279be953eca5c8f99757fa"></a>virtualapk

<a id="66019021f5ace5c41bf5de20be94f9e3"></a>工具

<a id="40180b771f8762f1470aa38b19afc1e1"></a>baksmali

<a id="c762fd140130e8f90c51d58f3e01288a"></a>工具

<a id="f84bf9c4269ace64fe1a216046c67d62"></a>文章

<a id="3e5efcb723ddb311526b0cf27a095117"></a>cSploit

<a id="61012694dfaf7dc87ef7a0738a005818"></a>工具

<a id="47fbd63ae0e4321d98e09951fd37f1bb"></a>文章

<a id="6ad1dd69e315677a2252c1c8e8620572"></a>bytecodeviewer

<a id="26f401339eb01096e69d6c650abe51df"></a>工具

<a id="1ed0d3c6279ba30df06262de9c24cdd8"></a>MobSF

<a id="9c93b893f550d7c8cf4a19cce06e177b"></a>工具

<a id="9e5612f2c728bdbbca8b2571bd94cd79"></a>文章

<a id="eccb49e7c71be9df25fec6d241d18f8e"></a>androl4b

<a id="800724f7b844e2293370510700c6ca73"></a>工具

<a id="42ea2fc802be5efdd7bc656aa39446cb"></a>文章

<a id="78c2fbcadbbfda5a1448c6f150a9251d"></a>decaf

<a id="0c3c1ab3d169db8cc058a0d72cb6aa1d"></a>工具

<a id="9843fb6cfb113c357deaf0dac05b22a8"></a>文章

<a id="b32978986b1ad7ff33a1ff4ee968190c"></a>cuckoo-droid

<a id="1532c5ea999fcd785571a78ca3fed8f6"></a>工具

<a id="a054356d9fb3b22c638a5c49406e230a"></a>各类App

<a id="51c70b0a90c17e4c3591c5997ffb1283"></a>ahmyth

<a id="8192031d06c545c465a838c13002ef27"></a>工具

<a id="1d343a8e2abaf1bcdb2c7952fbab8ad1"></a>文章

<a id="1ab9ebcde9606f3e02a0dcd6c48411ad"></a>工具

<a id="a3f24c3d0190fbd519cce450f423b86e"></a>Topic

<a id="73b51525ab1548eba12f897ff482d785"></a>漏洞

<a id="d39d72e9362eda71cef10de260f43107"></a>工具

<a id="d5f45ceee87e1d68df9fe75801285e9e"></a>文章

<a id="1e2d63c4b03a69a79a5543b4b0f395a7"></a>恶意代码

<a id="9a60c82748643599d1c1a46dc183ab88"></a>工具

<a id="139ddb12762052da5ebe038c455162fa"></a>文章

<a id="fcb2e498f1a3378bf3e2dd5adda43e03"></a>取证

<a id="0cddb153bfea5b5abcf0f4a44be6ccc5"></a>工具

<a id="73a56c2788dc27af4f49cbf1811ee1e9"></a>文章

<a id="70cd678f065f0cbd109b5fb665aed139"></a>Hook

<a id="07c5aa963e1201a7c162ccb84ec1fb28"></a>XPosed

<a id="41ac1eb0f56af536a7aed91a6983e95f"></a>工具

<a id="dc6d6d158e806f4f9d02ed8b43c5c501"></a>文章

<a id="7de48e67d0fc795c29ba29ea12c6db80"></a>Frida

<a id="f70d1610a9446395aa5de9cae70b43c3"></a>工具

<a id="997a6a2140fc004cb639429adfb68ac7"></a>文章

<a id="4e9f32429486266721e7e21efa0ce727"></a>工具

<a id="c52fb5d0961a84619a88a875380554c1"></a>文章

<a id="df9d9982d70a9b99fdfc0c27bac60e12"></a>加固&&破解

<a id="c8cd36b0b75c53d7b4caa914f6dd2600"></a>其他

<a id="5b17938e2cb613edbe566bc475877103"></a>Dalvik

<a id="d1c1bf3368f35715c87fa697dc021d06"></a>工具