androguard package¶
Subpackages¶
- androguard.core package
- androguard.decompiler package
- Subpackages
- androguard.decompiler.dad package
- Submodules
- androguard.decompiler.dad.ast module
- androguard.decompiler.dad.basic_blocks module
- androguard.decompiler.dad.control_flow module
- androguard.decompiler.dad.dataflow module
- androguard.decompiler.dad.decompile module
- androguard.decompiler.dad.graph module
- androguard.decompiler.dad.instruction module
- androguard.decompiler.dad.node module
- androguard.decompiler.dad.opcode_ins module
- androguard.decompiler.dad.util module
- androguard.decompiler.dad.writer module
- Module contents
- androguard.decompiler.dad package
- Submodules
- androguard.decompiler.decompiler module
- Module contents
- Subpackages
Submodules¶
androguard.misc module¶
-
androguard.misc.
AnalyzeAPK
(_file, session=None, raw=False)¶ Analyze an android application and setup all stuff for a more quickly analysis !
Parameters: - session – A session (default None)
- _file (string or bytes) – the filename of the android application or a buffer which represents the application
Return type: return the
APK
,DalvikVMFormat
, andVMAnalysis
objects
-
androguard.misc.
AnalyzeDex
(filename, session=None)¶ Analyze an android dex file and setup all stuff for a more quickly analysis !
Parameters: - session – A session (Default None)
- filename (string) – the filename of the android dex file or a buffer which represents the dex file
Return type: return the
DalvikVMFormat
, andVMAnalysis
objects
-
androguard.misc.
AnalyzeODex
(filename, session=None)¶ Analyze an android odex file and setup all stuff for a more quickly analysis !
Parameters: - filename (string) – the filename of the android dex file or a buffer which represents the dex file
- session – The Androguard Session to add the ODex to (default: None)
Return type: return the
DalvikOdexVMFormat
, andVMAnalysis
objects
-
androguard.misc.
RunDecompiler
(d, dx, decompiler_name)¶ Run the decompiler on a specific analysis
Parameters: - d (
DalvikVMFormat
object) – the DalvikVMFormat object - dx (
VMAnalysis
object) – the analysis of the format - decompiler (string) – the type of decompiler to use (“dad”, “dex2jad”, “ded”)
- d (
-
androguard.misc.
get_default_session
()¶ Return the default Session from the configuration or create a new one, if the session is None.
-
androguard.misc.
init_print_colors
()¶
-
androguard.misc.
sign_apk
(filename, keystore, storepass)¶ Use jarsigner to sign an APK file.
Parameters: - filename – APK file on disk to sign (path)
- keystore – path to keystore
- storepass – your keystorage passphrase
androguard.session module¶
-
androguard.session.
Load
(filename)¶ load your session!
Parameters: filename (string) – the filename where the session has been saved Return type: the elements of your session :) Example: s = session.Load(“mysession.p”)
-
androguard.session.
Save
(session, filename)¶ save your session!
Parameters: - session – A Session object to save
- filename (string) – output filename to save the session
Example: s = session.Session() session.Save(s, “msession.p”)
-
class
androguard.session.
Session
(export_ipython=False)¶ Bases:
object
-
add
(filename, raw_data, dx=None)¶
-
addAPK
(filename, data)¶ Add an APK file to the Session and run analysis on it.
Parameters: - filename – (file)name of APK file
- data – binary data of the APK file
Returns: a tuple of SHA256 Checksum and APK Object
-
addDEX
(filename, data, dx=None)¶ Add a DEX file to the Session and run analysis.
Parameters: - filename – the (file)name of the DEX file
- data – binary data of the dex file
- dx – an existing Analysis Object (optional)
Returns: A tuple of SHA256 Hash, DalvikVMFormat Object and Analysis object
-
addDEY
(filename, data, dx=None)¶
-
get_all_apks
()¶
-
get_analysis
(current_class)¶
-
get_classes
()¶
-
get_digest_by_class
(current_class)¶
-
get_filename_by_class
(current_class)¶
-
get_format
(current_class)¶
-
get_nb_strings
()¶
-
get_objects_apk
(filename, digest=None)¶
-
get_objects_dex
()¶
-
get_strings
()¶
-
isOpen
()¶ Test if any file was analyzed in this session
Returns: True if any file was analyzed, False otherwise
-
reset
()¶
-
androguard.util module¶
-
androguard.util.
get_certificate_name_string
(name, short=False)¶ Return the distinguished name of an X509 Certificate
Parameters: - name (
cryptography.x509.Name
) – Name object to return the DN from - short (Boolean) – Use short form (Default: False)
Return type: str
- name (
-
androguard.util.
read
(filename, binary=True)¶