# FINAL
import streamlit as st
from androguard.core.bytecodes.apk import APK
import requests
import ipaddress
import tempfile
import os
import google.generativeai as genai

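# Configure GenAI from the environment rather than from a key committed in the
# source. A key that has appeared in a published file must be treated as
# exposed: revoke it with the provider and issue a new one, then supply the
# replacement only through the environment or a secrets store.
api_key = os.environ.get("GOOGLE_API_KEY")
if not api_key:
    # Fail at start-up with a clear message instead of at the first model call.
    raise RuntimeError(
        "GOOGLE_API_KEY is not set; export it before starting the app."
    )
genai.configure(api_key=api_key)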

# Remote blocklist feeds used as indicator sources (all fetched over HTTPS).
# They are downloaded each time an APK is analysed; a feed that cannot be
# downloaded contributes no entries, so its indicators are simply missing from
# the comparison and a "no matches" result is weaker than it looks.
# NOTE(review): confirm each feed is still published and maintained — TODO verify.
# NOTE(review): going by the file names, RW_DOMBL.txt looks like a domain list
# and RW_IPBL.txt an IP list — confirm against the feed contents.
MALWARE_DOMAIN_LISTS = [
    "https://mirror.cedia.org.ec/malwaredomains/justdomains",
    "https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt",
    "https://ransomwaretracker.abuse.ch/downloads/RW_IPBL.txt"
]

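def fetch_malware_domains_and_ips():
    """Download the configured blocklists and split them into domains and IPs.

    Each non-empty, non-comment line of every feed in ``MALWARE_DOMAIN_LISTS``
    is classified on its own: a line that parses as an IP address goes into
    the IP set, anything else into the domain set. Classifying per line
    (instead of by the URL's ``.txt`` suffix) keeps the entries of a domain
    list that happens to be published as a ``.txt`` file, which would
    otherwise be discarded as "not an IP".

    A feed that fails to download is reported on stdout and skipped, so the
    returned sets may be incomplete or empty.

    Returns:
        A ``(malware_domains, malware_ips)`` tuple of two sets of strings.
    """
    malware_domains = set()
    malware_ips = set()

    for url in MALWARE_DOMAIN_LISTS:
        try:
            # Bound the wait so a stalled feed cannot hang the whole analysis.
            response = requests.get(url, timeout=15)
            response.raise_for_status()
        except requests.exceptions.RequestException as e:
            print(f"Error fetching {url}: {e}")
            continue

        # NOTE(review): the body is not validated beyond the checks below; an
        # HTML page served with status 200 would be ingested as "domains".
        for raw_line in response.text.splitlines():
            entry = raw_line.strip()
            # Skip blanks and '#' header/comment lines so they never end up
            # as indicators.
            if not entry or entry.startswith("#"):
                continue
            try:
                malware_ips.add(str(ipaddress.ip_address(entry)))
            except ValueError:
                # Not an IP literal: keep it as a domain indicator.
                malware_domains.add(entry)

    return malware_domains, malware_ips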

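def analyze_apk(apk_file):
    """Extract manifest features from an uploaded APK and match blocklist indicators.

    The upload is written to a private temporary directory under a fixed file
    name (the client-supplied name is never used as a path), parsed with
    androguard, and every DEX file in the package is searched for the domains
    and IPs returned by ``fetch_malware_domains_and_ips``.

    Args:
        apk_file: Uploaded file object exposing ``getvalue()`` that returns the
            raw APK bytes. The content is untrusted.

    Returns:
        A 6-tuple ``(permissions, activities, services, receivers,
        malicious_domains, malicious_ips)``. The last two are sorted lists of
        the indicators found in the DEX data.
    """
    with tempfile.TemporaryDirectory() as temp_dir:
        # Fixed name inside a fresh temp dir: nothing from the upload's
        # metadata influences where the bytes are written.
        temp_file_path = os.path.join(temp_dir, "app.apk")
        with open(temp_file_path, "wb") as temp_file:
            temp_file.write(apk_file.getvalue())

        a = APK(temp_file_path)

        # Manifest-declared features.
        permissions = a.get_permissions()
        activities = a.get_activities()
        services = a.get_services()
        receivers = a.get_receivers()

        malware_domains, malware_ips = fetch_malware_domains_and_ips()

        # Scan every classesN.dex, not only classes.dex: indicators placed in a
        # secondary DEX of a multidex APK would otherwise go unnoticed.
        dex_blobs = list(a.get_all_dex())

        def _referenced(indicators):
            # Search the raw bytes; decoding with errors='ignore' drops bytes
            # and can splice unrelated fragments into a false match.
            hits = []
            for indicator in sorted(indicators):
                needle = indicator.encode("utf-8")
                if any(needle in blob for blob in dex_blobs):
                    hits.append(indicator)
            return hits

        # NOTE(review): this is plain substring matching, so a short indicator
        # can match inside a longer, unrelated string (for example an IP that
        # is a prefix of another address). Treat hits as leads to confirm.
        malicious_domains = _referenced(malware_domains)
        malicious_ips = _referenced(malware_ips)

        return permissions, activities, services, receivers, malicious_domains, malicious_ips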
def generate_summary(permissions, activities, services, receivers, malicious_domains, malicious_ips):
    """Ask the Gemini model for a risk summary of the extracted APK features.

    The six arguments are iterables of strings; each is comma-joined into a
    bullet list that is sent to the model together with a fixed question.

    NOTE(review): every value interpolated below originates from the analysed
    APK (component and permission names are chosen by whoever built it), so
    the model receives untrusted text in its prompt. Text crafted to look like
    instructions could steer the summary or the score; treat the output as
    advisory and keep the raw findings visible next to it.

    Returns:
        The ``text`` of the model's response.
    """
    question = "Please summarize the potential security risks and malicious behavior based on the following features extracted from an APK file. Also, give a score out of 100. List out possible vulnerabilities."

    # Feature listing built from the extracted (untrusted) values.
    feature_listing = f"""
    - Permissions requested: {', '.join(permissions)}
    - Activities: {', '.join(activities)}
    - Services: {', '.join(services)}
    - Receivers: {', '.join(receivers)}
    - Malicious domains referenced: {', '.join(malicious_domains)}
    - Malicious IP addresses referenced: {', '.join(malicious_ips)}
    """

    # The listing goes first and the question second, as two separate parts.
    gemini = genai.GenerativeModel('gemini-pro')
    reply = gemini.generate_content([feature_listing, question])
    return reply.text

def main():
    """Streamlit page: upload an APK, analyse it, and show the model's summary.

    NOTE(review): the upload is untrusted. The name, type and size echoed back
    come from the uploaded-file object, and no size limit or error handling is
    applied here before the file is parsed — confirm whether the deployment
    restricts uploads elsewhere.
    """
    st.title("APK Analysis App")
    apk_upload = st.file_uploader("Upload APK file", type=["apk"])

    # Nothing to analyse until a file has been chosen.
    if apk_upload is None:
        return

    upload_info = {
        "FileName": apk_upload.name,
        "FileType": apk_upload.type,
        "FileSize": apk_upload.size,
    }
    st.write(upload_info)

    (
        perms,
        acts,
        svcs,
        rcvrs,
        bad_domains,
        bad_ips,
    ) = analyze_apk(apk_upload)
    report = generate_summary(perms, acts, svcs, rcvrs, bad_domains, bad_ips)

    st.header("Analysis Summary")
    st.write(report)

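# Script entry guard. The dunder names need two underscores on each side;
# with single underscores `_name_` is an undefined name and the script fails
# with NameError before main() is ever called.
if __name__ == "__main__":
    main()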