{"id":20333792,"url":"https://github.com/brant-ruan/idf4apev","last_synced_at":"2026-05-11T00:33:46.301Z","repository":{"id":172978698,"uuid":"182337608","full_name":"brant-ruan/IDF4APEV","owner":"brant-ruan","description":"Integrated Detection Framework for Android's Privilege Escalation Vulnerabilites","archived":false,"fork":false,"pushed_at":"2020-09-25T05:55:39.000Z","size":2944,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-14T15:54:53.187Z","etag":null,"topics":["android-security","privilege-escalation","vulnerability-detection"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/brant-ruan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-04-19T23:37:44.000Z","updated_at":"2024-09-09T15:31:34.000Z","dependencies_parsed_at":null,"dependency_job_id":"ea76d836-157d-425a-994a-198218cd0d2b","html_url":"https://github.com/brant-ruan/IDF4APEV","commit_stats":null,"previous_names":["brant-ruan/idf4apev"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brant-ruan%2FIDF4APEV","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brant-ruan%2FIDF4APEV/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brant-ruan%2FIDF4APEV/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brant-ruan%2FIDF4APEV/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/brant-ruan","download_url":"https://codeload.github.com/brant-ruan/IDF4APEV/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241852158,"owners_count":20030969,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android-security","privilege-escalation","vulnerability-detection"],"created_at":"2024-11-14T20:33:18.017Z","updated_at":"2026-05-11T00:33:46.258Z","avatar_url":"https://github.com/brant-ruan.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# IDF4APEV\n\n## Overview\n\n![banner.png](https://github.com/brant-ruan/IDF4APEV/blob/master/resources/images/banner.png)\n\n**IDF4APEV** refers to *Integrated Detection Framework for Android's Privilege Escalation Vulnerabilites*.\n\n## Developing Process\n\n```\nDesign\u0026Structure    [√]\npoc_code/           [√]\npocs.json           [√]\nvulnabilities.json  [√]\ndevice.py           [√]\npoc.py              [√]\nvulnerability.py    [√]\nresult.py           [√]\ncommander.py        [√]\nbuilder.py          [√]\nexecuter.py         [√]\nidfconsole          [√]\ntest the whole idf  [√]\n```\n\n## Usage\n\n```bash\nshow banner\nshow devices\nshow pocs\nshow cves\n# diagnose\ndiagnose DEVICE_NAME\ndiagnose all\n# trigger\ncheck all all\ncheck all POC_NAME\ncheck DEVICE_NAME POC_NAME\ncheck DEVICE_NAME all\n# export report as markdown file into reports/\nexport\n# clean result auto-generated before\nreset\n```\n\n## Technical Principles\n\n### Diagnosis\n\n1. If one device's kernel version is NOT located in the range of vulnerable version, it MAY BE not vulnerable.\n2. If one device's security-update-date is later than the patch-date of a vulnerability, it MAY BE not vulnerable.\n\nDiagnosis is not reliable because of many elements. For a good \u0026 sarcastic example you can see the post [HOW ANDROID PHONES HIDE MISSED SECURITY UPDATES FROM YOU](https://www.wired.com/story/android-phones-hide-missed-security-updates-from-you/).\n\n### Triggering\n\nPoC tells us whether one device is vulnerable or not.\n\n## Installation\n\n### Python Modules\n\n```bash\npip install -r requirements.txt\n```\n\n### ndk\n\nYou need to download ndk for your platform (Windows/Mac OS/Linux, etc.) and append the directory of `ndk-build` to `$PATH`.\n\n### adb\n\nYou need to download adb and append the directory of `adb` to `$PATH`. \n\n## Demo\n\n![demo.jpg](https://github.com/brant-ruan/IDF4APEV/blob/master/resources/images/demo.jpg)\n\n## Extra\n\n### Advantages of a Command Line Interface\n\n- **portability** almost any computer is able to drive a text terminal, so a command line interface can really run everywhere.\n- **resources** the CPU and memory cost of a command line interface is far lighter than a GUI library.\n- **speed** for advanced users, it's often faster to type a command than to dive into menus and windows.\n- **development** It is far faster to create a text oriented interface.\n- **driving** you can easily drive a text oriented program with the popen command. That means that the whole application can be tested automatically.\n\n## Acknowledgement\n\nThe banner is created with the help of *toilet*, which is a very interesting tool and can be installed through `brew install toilet` on Mac OSX :)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrant-ruan%2Fidf4apev","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrant-ruan%2Fidf4apev","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrant-ruan%2Fidf4apev/lists"}