{"id":13438146,"url":"https://github.com/zyrikby/StaDynA","last_synced_at":"2025-03-19T18:32:06.097Z","repository":{"id":28258117,"uuid":"31768132","full_name":"zyrikby/StaDynA","owner":"zyrikby","description":"StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications","archived":false,"fork":false,"pushed_at":"2023-04-01T12:05:18.000Z","size":9,"stargazers_count":22,"open_issues_count":0,"forks_count":10,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-10-27T23:24:53.706Z","etag":null,"topics":["android","android-security","dynamic-analysis","java","python","research","static-analysis"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zyrikby.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2015-03-06T12:22:59.000Z","updated_at":"2024-10-21T10:56:40.000Z","dependencies_parsed_at":"2022-08-02T11:46:59.532Z","dependency_job_id":"2bbf2d58-64af-4c97-b6ce-09be4fc0a038","html_url":"https://github.com/zyrikby/StaDynA","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zyrikby%2FStaDynA","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zyrikby%2FStaDynA/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zyrikby%2FStaDynA/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zyrikby%2FStaDynA/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zyrikby","download_url":"https://codeload.github.com/zyrikby/StaDynA/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244483490,"owners_count":20460125,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","android-security","dynamic-analysis","java","python","research","static-analysis"],"created_at":"2024-07-31T03:01:03.225Z","updated_at":"2025-03-19T18:32:06.090Z","avatar_url":"https://github.com/zyrikby.png","language":null,"funding_links":[],"categories":["Android Security","Tools"],"sub_categories":["Dynamic Analysis Tools"],"readme":"# StaDynA: Addressing the Problem of Dynamic Code Updates in the Security \nAnalysis of Android Applications\n\n# UPDATE: From now on the code is temporary available upon request.\nPlease, check how to contact me on [my personal website](https://zhauniarovich.com).\n\n\n\n## Description\nStaDynA is a system supporting security app analysis in the presence of dynamic\ncode update features (dynamic class loading and reflection).\n\nOur tool combines static and dynamic analysis of Android applications in order\nto reveal the hidden/updated behavior and extend static analysis results with\nthis information.\n\nThis work has been done at the University of Trento.\n\n\n\n\n## Publication\nThe results of our research were presented at the 5th ACM Conference on Data \nand Application Security and Privacy (ACM CODASPY 2015). Please use the \nfollowing bibtex reference to cite our paper:\n\n```\n@inproceedings{StaDynA_Zhauniarovich2014,\n    author = {Zhauniarovich, Yury and Ahmad, Maqsood and Gadyatskaya, Olga and Crispo, Bruno and Massacci, Fabio},\n    title = {{StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications}},\n    booktitle = {Proceedings of the 5th ACM Conference on Data and Application Security and Privacy},\n    series = {CODASPY '15},\n    year = {2015},\n    pages = {37--48},\n    url = {http://doi.acm.org/10.1145/2699026.2699105},\n    doi = {10.1145/2699026.2699105},\n    publisher = {ACM}\n}\n``` \n\n\n## Usage\nOur tool consists of two parts: a server and a client. The server side of\nStaDynA is a Python program that interacts with a static analysis tool. \nCurrently, StaDynA uses AndroGuard as a static analyzer. The client side is the\ncode run either on a real device or on an emulator.\n\nThe instructions how to build client side can be found in the corresponding \nfolder.\n\nTo run the analysis of an Android application, after connecting a device running\nclient side, execute the server side Python script:\n\n```\npython stadyna.py -i \u003cinputApk\u003e -o \u003cresultFolder\u003e\n```\n\nwhere *inputApk* is a path to the apk file to be analyzed, and *resultFolder* is\nthe path where the results of the analysis will be stored.\n\n\n## Dependencies\n1. [networkx](https://networkx.github.io/) released under BSD license.\n2. [AndroGuard](https://code.google.com/p/androguard/) released under Apache-2.0\nlicense.\n\n\n \n## License\nThe tool is distributed under Apache-2.0 license. The citation of the paper is \nhighly appreciated.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzyrikby%2FStaDynA","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzyrikby%2FStaDynA","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzyrikby%2FStaDynA/lists"}