Skip to content
master
Go to file
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

DeepDive-Android

An educational tool for the reverse engineering and security assessment of Android apps

We initially experimented with reverse engineering to explore vulnerabilities of our own apps. We learned how hackers find security gaps in our apps. Looking other apps on our phone, we also learned how seemingly legitimate apps invade our privacy.

This is an early release, DeepDive is still in BETA. We need your donations to help support research, development and testing.

Finally, a workflow you can live with

Android is the server. Access the details of reverse engineering from your handheld device or from the convenience of your large Mac or PC screen. How we use DeepDive:

  1. Join the same WiFi on your Android phone or tablet as your Mac or PC.
  2. Install and start DeepDive on your Android phone or tablet.
  3. Note the IP address on the home screen and go to that address from your Mac or PC.


Installation Instructions

Notes On Security

Configure a user login from app Settings. All communications are encrypted with a self signed security certificate. All communications are AES encrypted via TLS 1.2 HTTPS however your browser is unable to associate the certificate with a domain name or static IP address, consequently you will see a security warning or error message.

Lucene, Ultra-fast search

A decompiled app can have hundreds of thousands of files and millions of lines of code. That's why DeepDive has Lucene, a near-instant search capability, the search engine behind Amazon, AOL, LinkedIn, and Twitter. You can index the source code from a single app or index the entire virtual filesystem and search across hundreds of apps.

Search dozens of keywords at a time

Search Sets are collections of Lucene Searches. Search for dozens of keywords at a time. The app comes with default Search Sets and you can create your own.

Features

  • The source code is at your fingertips using the elFinder "Mac-like" file manager.
  • Your code is secure on your hardware, not on an unknown server in the Cloud.
  • Device details, app details and permissions
  • APK extraction and unpacking
  • DEX optimization
  • Convert Android DEX to Jar
  • Decompile most Android apps
  • Private and crypto file storage
  • File manager and finder
  • Instant search and search sets
  • Shell, Logcat & Keystore utilities
  • Android API 24+ (Nougat+)
  • Root not required

Tools included

Licensing

  • DeepDive is offered for free under conditions of the GPLv3 open source software license.
  • Contact Nuvolect LLC for a less restrictive commercial license if you would like to use the software without the GPLv3 restrictions.

Contributing, Bug Reports

  • We use GitHub for bug tracking. Please search the existing issues for your bug and create a new one if the issue is not yet tracked. https://github.com/Nuvolect/DeepDive-Android/issues
  • Want to contribute? By all means, dive in! See CONGRIBUTING.md. The UI could use some help with Angular and other web skills. The Lucene search engine is great but we are not using all it can do. Are you into Android security? Help us expose vulnerabilities and exploitations.

Support

For general questions and discussion about features, visit the forum.

Copyright Nuvolect LLC

About

An educational tool for the reverse engineering and security assessment of Android apps

Resources

License

Releases

No releases published
You can’t perform that action at this time.