{"id":13841626,"url":"https://github.com/Pithus/bazaar","last_synced_at":"2025-07-11T12:33:23.938Z","repository":{"id":38207530,"uuid":"317526934","full_name":"Pithus/bazaar","owner":"Pithus","description":"Android security \u0026 privacy analysis for the masses","archived":false,"fork":false,"pushed_at":"2023-04-25T11:25:19.000Z","size":13307,"stargazers_count":271,"open_issues_count":47,"forks_count":27,"subscribers_count":12,"default_branch":"master","last_synced_at":"2024-08-05T17:28:48.572Z","etag":null,"topics":["android","malware-analysis","reverse-engineering"],"latest_commit_sha":null,"homepage":"https://beta.pithus.org/","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Pithus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-12-01T11:59:10.000Z","updated_at":"2024-07-18T18:39:27.000Z","dependencies_parsed_at":"2023-02-15T07:31:52.497Z","dependency_job_id":null,"html_url":"https://github.com/Pithus/bazaar","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pithus%2Fbazaar","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pithus%2Fbazaar/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pithus%2Fbazaar/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pithus%2Fbazaar/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Pithus","download_url":"https://codeload.github.com/Pithus/bazaar/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225720438,"owners_count":17513601,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","malware-analysis","reverse-engineering"],"created_at":"2024-08-04T17:01:17.092Z","updated_at":"2025-07-11T12:33:23.926Z","avatar_url":"https://github.com/Pithus.png","language":"CSS","funding_links":[],"categories":["CSS"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/Pithus/bazaar/master/bazaar/static/images/logo.png\"\u003e\u003c/p\u003e\n\n[![Built with Cookiecutter Django](https://img.shields.io/badge/built%20with-Cookiecutter%20Django-ff69b4.svg)](https://github.com/pydanny/cookiecutter-django/)\n\n# Pithus\nPithus is a free and open-source platform to analyze Android applications for activists, journalists, NGOs, researchers...\n\nAnalyses, which we want to be as comprehensive as possible, rely on multiple well-known tools such as:\n* [APKiD](https://github.com/rednaga/APKiD)\n* [ssdeep](https://github.com/DinoTools/python-ssdeep)\n* [Dexofuzzy](https://github.com/ESTsecurity/Dexofuzzy)\n* [Quark-Engine](https://github.com/quark-engine/quark-engine)\n* [AndroGuard](https://github.com/androguard/androguard)\n* [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)\n* [Exodus-core](https://github.com/Exodus-Privacy/exodus-core)\n\nWhen an APK is submitted, it is analyzed by the different tools listed above. Each report is stored in [ElasticSearch](https://www.elastic.co/). Analysis steps are defined in [tasks.py](https://github.com/Pithus/bazaar/blob/master/bazaar/core/tasks.py) file.\n\nThe beta version is available at [beta.pithus.org](https://beta.pithus.org/).\n\n# Development environment setup\n\nPithus is currently in beta so if you want to contribute, please refer to the [Cookiecutter documentation](https://cookiecutter-django.readthedocs.io/en/latest/).\n\nOn Linux:\n\n```sh\ngit clone git@github.com:Pithus/bazaar.git\ncd bazaar\n```\nIt is possible to run the entire development stack with [docker-compose](https://docs.docker.com/compose/install/):\n\n```sh\n# Build the project\ndocker-compose -f local.yml build\n\n# Run the project\ndocker-compose -f local.yml up\n\n# Alternatively you can add -d to run it as a daemon\ndocker-compose -f local.yml up -d\n```\n\nThen browse to [http://localhost:8001](http://localhost:8001) and enjoy Pithus!\n\n⚠️**Important**⚠️:\n\nIt is possible that you might have an error for a missing index while browsing to the address the first time. It is probable that Django hasn't been properly loaded. To fix that, add a blank line in any of the Django files, save it and refresh the page in the browser.\n\n## Set up the internal Python interpreter with Visual Studio Code\n\nIt is possible to run the entire development environment in a Docker container. This will allow you to run on the same Python interpreter as anyone else contributing to this project. To do so with Visual Studio Code, follow these steps:\n\n* Install the [Python](https://marketplace.visualstudio.com/items?itemName=ms-python.python) and the [Remote Containers](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers) extensions.\n* Open the command palette and look for the option: \"Remote Containers: Attach to running container\".\n* Choose `bazaar_local_django`.\n* VSCode will restart, and you will be presented with a new window of VSCode.\n* Open the file explorer and open the folder `/app`, the code is there.\n* You are all set up!\n\n*Note*: By default, only your theme and the Remote Containers will be installed, you will need to install more extension in the Docker manually. However, your settings will be imported automatically.\n\nMore information on developping in a container in the Visual Studio Code [documentation](https://code.visualstudio.com/docs/remote/containers).\n\n## SASS\nTo apply SASS file changes, just run the following command:\n```\nsassc bazaar/static/front/sass/project.scss backend/static/front/css/project.css\n```\n## Reindex after adding a new field\n```python\nfrom django.conf import settings\nfrom elasticsearch import Elasticsearch\nimport json\n\nes = Elasticsearch(settings.ELASTICSEARCH_HOSTS)\nmapping = json.load(open('bazaar/es_mappings/apk_analysis.json'))\nes.indices.put_mapping(index=settings.ELASTICSEARCH_APK_INDEX, body=mapping.get('mappings'))\n```\n# Community\n\nDo you have questions? Do you want to chat with us? Come join us on our discord: [https://discord.gg/PgdKfp4VMQ](https://discord.gg/PgdKfp4VMQ).\n\nYou can also preview some features, explore the tools and our work process on TryHackMe with our own featured room! [https://tryhackme.com/room/androidmalwareanalysis](https://tryhackme.com/room/androidmalwareanalysis)\n\n# Useful commands\n\n```\n# have a logged user while running a local instance\ndocker-compose -f local.yml run --rm django python manage.py createsuperuser\n# login on http://localhost:8001/admin\n\n# help on manage.py\ndocker-compose -f local.yml run django python manage.py -h\n\n# update reports, see tasks.py for reference\ndocker-compose -f local.yml run django python manage.py update_reports HASH [mbfvascqgy]\n\n# logs\ndocker-compose -f local.yml logs\ndocker-compose -f local.yml logs -f django\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FPithus%2Fbazaar","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FPithus%2Fbazaar","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FPithus%2Fbazaar/lists"}