these-android-re/android_of_theseus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
156 commits 1 branch 0 tags 89 MiB
Find a file
Exact
Jean-Marie 'Histausse' Mineau 462d742ce9
add license
2025-11-19 19:24:42 +01:00
experiment fix print 2025-09-17 00:12:57 +02:00
frida add license 2025-11-19 19:24:42 +01:00
matplotlib no androguard, you dont need matplotlib 2025-04-08 12:04:56 +02:00
patcher add license 2025-11-19 19:24:42 +01:00
test_apks demo 2025-09-08 17:07:11 +02:00
theseus_autopatcher add license 2025-11-19 19:24:42 +01:00
.gitignore debugging 2025-03-03 17:40:24 +01:00
LICENSE.txt add license 2025-11-19 19:24:42 +01:00
README.md add license 2025-11-19 19:24:42 +01:00

README.md

Android of Theseus

This is the code implementing the method presented in chapter 5 of the thesis 'The Woes of Android Reverse Engineering: from Large Scale Analysis to Dynamic Deobfuscation', by Jean-Marie Mineau.

The idea is collecting dynamic data like reflection calls and dynamic code loading using Frida, then patch the application to include this data statically. The application can then be analyse with any static analysis tools taking an application as input.

Install

python -m venv venv
source venv/bin/activate
pip install ./theseus-autopatcher

Run

theseus-autopatch -a test_dynloading.apk -o patched.apk -k keystore.ks --keypass 'P@ssw0rd!'

Note: theseus-autopatch embed a patcher binary that will only work on x86_64 linux computer, en even then, the binary is optimized for size instead of speed. You should probably build your own patcher binary for your own architecture and pass it to theseus-autopatch with --patch:

cd patcher
cargo build --release
theseus-autopatch -a test_dynloading.apk -o patched.apk -k keystore.ks --keypass 'P@ssw0rd!' --patch target/release/patcher