[BlackHat tool] smalien: Information flow analysis tool for Android applications
Investigating how an application handles users’ privacy-sensitive information is essential for mobile security researchers to understand the behavior of the application and determine whether it is harmless or malicious. Our information flow analysis and information leakage detection tool, called SMALIEN, should be a good buddy when you start a journey of Android application analysis. Once you give an application to our tool, it builds a thorough understanding of the application by running static information flow analysis on the Dalvik bytecode files extracted from it. It performs not only static analysis but also dynamic analysis, implicit information flow detection, and privacy policy enforcement (PPE) at runtime by parasitizing the application. Smalien instruments the application with additional bytecode, and that bytecode performs the dynamic analysis once the application is launched on an Android device.
Smalien is an information flow analysis and information leakage detection tool for Android application analysts. Smalien performs static taint analysis of Android applications on a Linux machine as well as dynamic taint analysis, detection of information leakage due to implicit information flows, and privacy policy enforcement on an Android device at runtime.
Smalien has the following functions:
- Analyzing an Android application statically and gathering information about its classes, methods, variables, etc.
- Presenting the results of the analysis graphically such as a method call graph and an information flow diagram.
- Performing dynamic taint analysis on an Android device.
- Enforcing privacy policy specified by an analyst.
- Detecting information leakage due to implicit information flows.
- Logging the actual data handled by any bytecode instruction or API call, such as an HTTP request, at runtime to support the analyst's inspection.
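
To show what "information leakage due to implicit information flows" means in practice, here is a toy taint tracker added for illustration; it is not Smalien's code and does not reflect how Smalien is implemented. The instruction names and the `PROGRAM` listing are constructed, simplified stand-ins for Dalvik bytecode.

```python
# Toy taint tracker over constructed, smali-like instructions (assumed format).
PROGRAM = [
    ("source", "v0"),          # v0 <- sensitive value, e.g. a device identifier
    ("move", "v2", "v0"),      # explicit flow: v2 is a copy of v0
    ("const", "v1"),           # v1 <- 0
    ("if-eqz", "v0", "skip"),  # branch decided by the sensitive value
    ("const", "v1"),           # v1 <- 1, executed only when v0 != 0
    ("label", "skip"),
    ("const", "v3"),           # v3 <- constant, written outside the branch
    ("sink", "v2"),            # sink, e.g. the body of an HTTP request
    ("sink", "v1"),
    ("sink", "v3"),
]


def find_leaks(program, track_implicit):
    """Return the registers that reach a sink while tainted, in program order."""
    tainted = set()
    open_branches = []  # (end_label, condition_was_tainted) per enclosing branch
    leaks = []
    for op, *args in program:
        # A write inside a branch whose condition is tainted is
        # control-dependent on sensitive data: that is the implicit flow.
        pc_tainted = track_implicit and any(t for _, t in open_branches)
        if op == "source":
            tainted.add(args[0])
        elif op in ("move", "const"):
            dst = args[0]
            src_tainted = op == "move" and args[1] in tainted
            if src_tainted or pc_tainted:
                tainted.add(dst)
            else:
                tainted.discard(dst)  # overwritten with clean data
        elif op == "if-eqz":
            reg, end_label = args
            open_branches.append((end_label, reg in tainted))
        elif op == "label":
            open_branches = [b for b in open_branches if b[0] != args[0]]
        elif op == "sink" and args[0] in tainted:
            leaks.append(args[0])
    return leaks


if __name__ == "__main__":
    print("explicit flows only:", find_leaks(PROGRAM, track_implicit=False))
    print("with implicit flows:", find_leaks(PROGRAM, track_implicit=True))
```

With explicit tracking alone, only the copy in `v2` is reported; `v1` carries one bit of the sensitive value through the branch and is only flagged once control dependence is tracked.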