Android Malware Detection
DEXID is a script written in Perl for displaying the contents of the classes.dex file (the file, which contains the bytecode in the APK files) and also for obtaining identification data for Android malware and using the obtained data to identify known such malware.
License: the author create a specific license in the attached file 'dexid.txt'.
Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)
Malice's mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company.
An Android malware detection framework
A Search Engine to Automatically Collect, Disassemble, Index and Search Android Malware
Evaluation tools for malware Android
Android Market API
Android Marketplace Crawler
A simple app to download from Unofficial Android Marketplace(s)
Uses Google to search for .apks hosted on websites and downloads them
Android Checkin allows you to register a google account as if you were on android.
Google Play Crawler
Android Markets List
Malware Attacks and Defenses
A Script to detect if the Android application is repackaged based on the method proposed by the paper "Exploring reverse engineering symptoms in Android apps"
Fast detection of repackaged Android applications based on the comparison of resource files included into the package.
Contains many different ways to identify hostile environments.
Slides and demo resources presented at HITCON 2014 & XCON 2014-"Guess Where I am-Android模拟器躲避的检测与应对"
Escaping Taint Analysis (and stealing private information) on Android for Fun and Profit
Encrypting a PNG into an Android application
Android anti-root detection Proof of Concept
Malware Samples and PoCs
NOTICE: You should use these tools ONLY for academic purposes.
Android Malware Tracker
An Android RAT trojan with source code.
Android hijack power off
A rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68