Skip to content
Auditing behaviour of Android Apps
Branch: master
Clone or download

Latest commit

Fetching latest commit…
Cannot retrieve the latest commit at this time.


Type Name Latest commit message Commit time
Failed to load latest commit information.


AppAudit is an efficient program analysis tool that detects data leaks in mobile applications. It can accurately find all leaks within seconds and ~200 MB memory. We have an Android port that shows AppAudit is efficient enough to run as an Android app on off-the-shelf smartphones.

  • If you are interested in the tool itself and is looking for the building blocks of AppAudit, please visit PATDroid. We have open-sourced common Android program analysis code there.
  • If you want to use AppAudit to scan apps, visit
  • If you are looking for the paper or the bibtex. Please click here
 author = {Mingyuan Xia and Lu Gong and Yuanhao Lyu and Zhengwei Qi and Xue Liu},
 title = {Effective Real-time Android Application Auditing},
 booktitle = {Proceedings of the 2015 IEEE Symposium on Security and Privacy},
 series = {SP '15},
 year = {2015},
 publisher = {IEEE Computer Society},
  • If you are looking for SDK, check out this python snippet
import requests, pprint, time, sys

if len(sys.argv) < 2:
	print 'Usage: python APK_FILE'

# stage 1: upload the file to the server
files={'file':open(sys.argv[1], 'rb')}
r = + 'upload/', files=files)
if r.status_code != 200:
	print('upload failed, try again')
# 'upload' endpoint returns the partial sha1 of the file
# stage 2: check the scan results
psha1 = r.content
while True:
	report=requests.get(api_server + 'report/find/'+psha1).json()
	if 'scanned' in report['status_msg']: break

You can find this script in the repo as well. Note that currently we set no rate limit for upload requests. However our server has a limited bandwidth, please email me if you want to scan large datasets.

  • If you are interested in the current and future development, send me an Email :=)
You can’t perform that action at this time.