AppAudit is an efficient program analysis tool that detects data leaks in mobile applications. It can accurately find all leaks within seconds and ~200 MB memory. We have an Android port that shows AppAudit is efficient enough to run as an Android app on off-the-shelf smartphones.
@inproceedings{appaudit,
author = {Mingyuan Xia and Lu Gong and Yuanhao Lyu and Zhengwei Qi and Xue Liu},
title = {Effective Real-time Android Application Auditing},
booktitle = {Proceedings of the 2015 IEEE Symposium on Security and Privacy},
series = {SP '15},
year = {2015},
publisher = {IEEE Computer Society},
}
import requests, pprint, time, sys
if len(sys.argv) < 2: print 'Usage: python appauditio.py APK_FILE' sys.exit(1)
api_server='http://api.appaudit.io:5902/api/'
files={'file':open(sys.argv[1], 'rb')} r = requests.post(api_server + 'upload/', files=files) if r.status_code != 200: print('upload failed, try again') sys.exit(1)
psha1 = r.content while True: report=requests.get(api_server + 'report/find/'+psha1).json() if 'scanned' in report['status_msg']: break time.sleep(1)
You can find this script in the repo as well. Note that currently we set no rate limit for upload requests. However our server has a limited bandwidth, please [email me](mailto:mingyuan.xia@mail.mcgill.ca) if you want to scan large datasets.
* If you are interested in the current and future development, send me an Email :=)