CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files, for Android malware analysis. CuckooDroid brings to Cuckoo the capabilities of execution and analysis of android applications.
CuckooDroid provides both static and dynamic APK inspection as well as evading certain VM-detection techniques, encryption key extraction, SSL inspection, API call trace, basic behavioural signatures and many other features.
The framework is highly customizable and extensible – leveraging the power of the large existing Cuckoo community.
Installation
|
1 2 3 4 5 6 7 8 9 10 |
git config --global user.name "Your Name" git clone --depth=1 https://github.com/cuckoobox/cuckoo.git cuckoo -b 1.2 cd cuckoo git remote add droid https://github.com/idanr1986/cuckoo-droid git pull --no-edit -s recursive -X theirs droid master cat conf-extra/processing.conf >> conf/processing.conf cat conf-extra/reporting.conf >> conf/reporting.conf rm -r conf-extra echo "protobuf" >> requirements.txt |
You can download CuckooDroid here:
Or read more here.