Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/am1goo/bloodseeker-unity

Easy-as-dumb toolkit to prevent any malicious injections in your Android app. Beware of cheaters!
https://github.com/am1goo/bloodseeker-unity

android anticheat apk apk-parser dex malware-analysis prevention sdk toolkit unity

Last synced: 2 months ago
JSON representation

Easy-as-dumb toolkit to prevent any malicious injections in your Android app. Beware of cheaters!

Host: GitHub
URL: https://github.com/am1goo/bloodseeker-unity
Owner: am1goo
License: mit
Created: 2024-01-19T13:39:01.000Z (11 months ago)
Default Branch: main
Last Pushed: 2024-04-13T13:10:17.000Z (9 months ago)
Last Synced: 2024-10-11T10:15:18.397Z (3 months ago)
Topics: android, anticheat, apk, apk-parser, dex, malware-analysis, prevention, sdk, toolkit, unity
Language: C#
Homepage:
Size: 2.31 MB
Stars: 145
Watchers: 2
Forks: 4
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        

# Bloodseeker for Unity

Easy-as-dumb toolkit to prevent any malicious injections in your `Android` apps \

Beware of cheaters!

## Features

- search of abnormal files, packages, libraries and even values in `AndroidManifest.xml`

- apk or files checksum validation

- delivery of information about newest threats to users from your own server (via secured and encrypted remote update)

## What's inside?

- .NET wrapper for Unity

- [bloodseeker-android](https://github.com/am1goo/bloodseeker-android) implementation as `.aar` library

#### Unity Plugin

##### via Unity Package Manager

The latest version can be installed via [package manager](https://docs.unity3d.com/Manual/upm-ui-giturl.html) using following git URL: \

`https://github.com/am1goo/bloodseeker-unity.git#0.2.7`

##### via OpenUPM

The latest version can be installed via using following URL: \

https://openupm.com/packages/com.am1goo.bloodseeker

#### How to use

```csharp

using BloodseekerSDK;

using BloodseekerSDK.Android;

[SerializeField]

private TextAsset _localUpdateFile;

IEnumerator Start()

{

    var op = Bloodseeker

    //create instance of Bloodseeker

    .Create()

    //use local encrypted and pre-configured file with actual trails

    .SetLocalUpdateConfig(new LocalUpdateConfig

    {

        file = new TextAssetFile(_localUpdateFile),

        secretKey = "YourSecretKey",

    })

    //or download and update trails from your remote server

    .SetRemoteUpdateConfig(new RemoteUpdateConfig

    {

        //url where sdk have access to file with update

        url = "https://your.custom.domain/path/to/file.bmx",

        //secret key to decrypt (or "unlock") file

        secretKey = "YourSecretKey",

        //cache time to live (in seconds)

        cacheTTL = 60,

    })

     //it will be converted to libSomeLibrary.so

    .AddTrail(new LibraryTrail("SomeLibrary"))

    //any java class can be found here

    .AddTrail(new ClassNameTrail("xyz.abc.CheatActivator"))

    //you can use package name instead of class name (but it's much slower)

    .AddTrail(new PackageNameTrail("xyz.abc"))

    //any files in base apk can be found here

    .AddTrail(new PathInApkTrail("META-INF/MANIFEST.MF"))

    //check node "application/activity" contains "android:name" with value "com.unity3d.player.UnityPlayerActivity"

    .AddTrail(new AndroidManifestXmlTrail(AndroidManifestXmlTrail.Looker.UnityPlayerActivity()))

    //check node "application/provider" contains "android:name" with value "com.facebook.internal.FacebookInitProvider"

    .AddTrail(new AndroidManifestXmlTrail(new AndroidManifestXmlTrail.Looker(

        nodes:      new string[] { "application", "provider" },

        attribute:  "android:name",

        value:      "com.facebook.internal.FacebookInitProvider"

    )))

    //start seeking anything in these trails

    .SeekAsync();

    yield return op;

    var report = op.report;

    switch (report.result)

    {

        case Report.Result.NotInitialized:

            Debug.LogError("SDK not initialized");

            break;

        case Report.Result.Found:

            Debug.LogError($"Found strange code: {string.Join(";", report.evidence)}");

            break;

        case Report.Result.Ok:

            Debug.Log("Everything okay, go ahead!");

            break;

    }

}

```

## What's next?

- [ ] Redesign of `AndroidManifestXmlTrail` (more flexibility and functionality), serialization support

## Requirements

- Minimal SDK 19 (Android 4.4, KitKat)

## Plugin supports

- Perfectly works with [Beebyte Obfuscator](https://www.beebyte.co.uk/), but in some cases you should add `Bloodseeker.Runtime.dll` to array `Assemblies` in `ObfuscatorOptions.asset`

## Tested in

- Unity 2019.4.x

- Unity 2020.3.x

## Contribute

Contribution in any form is very welcome. Bugs, feature requests or feedback can be reported in form of Issues.