原文：http://blog.csdn.net/jiayanhui2877/article/details/8120533

ndroid sandbox 通過利用開源工具動態(tài)分析、靜態(tài)分析android的相關應用，發(fā)現(xiàn)應用的具體行為，從而進行判斷android應用的危險程度，本文重點介紹幾款常用工具。

1、droidbox是基于TaintDroid系統(tǒng)構建的Sandbox，通過hook系統(tǒng)api對apk程序進行監(jiān)控，隨著android SDK的不斷更新，其也要隨之適配。

droidbox:http://code.google.com/p/droidbox/

taintbox:http://appanalysis.org/

DroidBox is developed to offer dynamic analysis of Androidapplications. The following information is shown in the results,generated when analysis is ended:

Hashes for the analyzed package

Incoming/outgoing network data

File read and write operations

Started services and loaded classes through DexClassLoader

Information leaks via the network, file and SMS

Circumvented permissions

Cryptography operations performed using Android API

Listing broadcast receivers

Sent SMS and phone calls

2、Apimonitor

Apimonitor:http://code.google.com/p/droidbox/wiki/APIMonitor

Android is upgrading in a fast speed. To avoid endless porting ofDroidBox, we changed the way to do dynamic analysis. Instead of hooking systems, we interpose APIs in APK files and insert monitoring code. Byrunning the repackaged APK, we can get API call logs and understand APK's behavior.

3、AndroGuard

通過分析主要應用于android應用的靜態(tài)分析

AndroGuard:http://code.google.com/p/androguard/

Description

Androguard is mainly a tool written in python to play with :

* Dex (Dalvik virtual machine) (.dex), and ODex (disassemble, decompilation),

* APK (Android application) (.apk),

* Android's binary xml (.xml).

Androguard is available for Linux/OSX/Windows (python powered).

If you have decided to make a donation for the Androguard project in order to help the developers, click the donate button below for Paypal:

Features

Androguard has the following features :

* Map and manipulate DEX/ODEX/APK format into full Python objects,

* Diassemble/Decompilation/Modification of DEX/ODEX/APK format,

* Access to the static analysis of the code (basic blocks, instructions, permissions (with database from http://www.android-permissions.org/) ...) and create your own static analysis tool,

* Analysis a bunch of android apps,

* Diffing of android applications,

* Measure the efficiency of obfuscators (proguard, ...),

* Determine if your application has been pirated (plagiarism/similarities/rip-off indicator),

* Check if an android application is present in a database (malwares, goodwares ?),

* Open source database of android malware (this opensource database is done on my free time, of course my free time is limited, so if you want to help, you are welcome !),

* Detection of ad/open source librairies (WIP),

* Risk indicator of malicious application,

* Reverse engineering of applications (goodwares, malwares),

* Transform Android's binary xml (like AndroidManifest.xml) into classic xml,

* Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output,

* Integration with external decompilers (JAD+dex2jar/DED/...)

4、其它

http://source.android.com/tech/index.html

The Dalvik Virtual Machine is the heart of Android. It's a fast, just-in-timecompiled, optimized bytecode virtual machine. Android applications arecompiled to Dalvik bytecode and run on the Dalvik VM. This section includesdetailed information such as the Dalvik bytecode format specification,design information on the VM itself, and so on.

總結(jié)

以上是生活随笔為你收集整理的Android 沙箱开源,Android Sandbox（沙箱）开源工具介绍的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。