System : ubuntu 14.04 LTS
python3.0--scikit-learn安裝:
# lapack是跟線性代數有關的工具包,安裝相關庫
sudo apt-get -y install python3-dev python3 python3-pip liblapack-dev libblas-dev python3-scipy python3-numpy python3-numpy-dev libatlas-dev g++ python3-pandas python3-matplotlib cmake gcc-multilib
sudo pip3 install -U scikit-learn
安裝pwn
python3.0--pwntools版本:
sudo apt-get update
sudo apt-get -y install python3 python3-pip python3-dev git libssl-dev libffi-dev build-essential
sudo pip3 install --upgrade pip
sudo pip3 install --upgrade pwntools --ignore-installed pyparsing
如果出現以下報錯:
bing@Xstorm:~$ python3
Python 3.4.3 (default, Nov 28 2017, 16:41:13)
[GCC 4.8.4] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from pwn import *
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python3.4/dist-packages/pwn/__init__.py", line 4, in <module>
from pwn.toplevel import *
File "/usr/local/lib/python3.4/dist-packages/pwn/toplevel.py", line 20, in <module>
import pwnlib
File "/usr/local/lib/python3.4/dist-packages/pwnlib/__init__.py", line 43, in <module>
importlib.import_module('.%s' % module, 'pwnlib')
File "/usr/lib/python3.4/importlib/__init__.py", line 109, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "/usr/local/lib/python3.4/dist-packages/pwnlib/args.py", line 61, in <module>
from pwnlib import term
File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/__init__.py", line 5, in <module>
from pwnlib.term import completer
File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/completer.py", line 6, in <module>
from pwnlib.term import readline
File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/readline.py", line 7, in <module>
from pwnlib.term import term
File "/usr/local/lib/python3.4/dist-packages/pwnlib/term/term.py", line 167
def goto((r, c)):
^
SyntaxError: invalid syntax
>>> exit()
解決方法:
pip3 install git+https://github.com/arthaud/python3-pwntools.git
python2.7--pwntools版本:
sudo apt-get update
sudo apt-get install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential
sudo pip install --upgrade pip
sudo pip install --upgrade pwntools
sudo pip install --upgrade pip
sudo pip install --upgrade pwntools
gdb--peda插件:
git clone https://github.com/longld/peda.git ~/peda
echo "source ~/peda/peda.py" >> ~/.gdbinit
echo "DONE! debug your program with gdb and enjoy"
gdb--pwndbg插件:
git clone https://github.com/pwndbg/pwndbg
cd pwndbg
./setup.sh
java&wine安裝:
sudo add-apt-repository ppa:webupd8team/java
sudo add-apt-repository ppa:wine/wine-builds
sudo apt-get update
sudo apt-get -y install --install-recommends wine-staging
sudo apt-get -y install wine
sudo apt-get -y install oracle-java8-installer oracle-java8-set-default
sudo update-alternatives --config java
sudo vim /etc/environment
JAVA_HOME="/usr/lib/jvm/java-8-oracle"
source /etc/environment
echo $JAVA_HOME
docker安裝:
sudo apt-get -y install apt-transport-https
curl -sSL https://get.docker.com/ | sh
sudo /etc/init.d/docker start
vim--YouCompleteMe插件安裝:
sudo apt-get install -y vim-youcompleteme
sudo apt-get install -y vim-addon-manager
vam install youcompeleteme
1.接着再次打開 .vimrc 配置YCM,添加內容如下:
filetype off " required!
set rtp+=~/.vim/bundle/vundle/
call vundle#rc()
Plugin 'Valloric/YouCompleteMe'
filetype plugin indent on " required!
let g:ycm_global_ycm_extra_conf='~/.vim/bundle/YouCompleteMe/third_party/ycmd/cpp/ycm/.ycm_extra_conf.py'
2.爲了補全,我們還需要在 .ycm_extra_conf.py 文件中進行配置,vim ~/.vim/bundle/YouCompleteMe/third_party/ycmd/cpp/ycm/.ycm_extra_conf.py;添加信息如下:
'-isystem',
'/usr/include',
'-isystem',
'/usr/include/c++/4.8.4',
'-isystem',
'/usr/include/c++/4.9.2',
'-isystem',
'/usr/include',
'/usr/include/x86_64-linux-gnu/c++',
實際上以上是vim自動補全時搜索路徑,如果自動補全的內容位於/usr/local/include裏面,則添加以下信息:
'-isystem',
'/usr/local/include',
根據實際的/usr/include/c++/中的文件夾名稱(即C++版本號)修改:
'-isystem',
'/usr/include/c++/4.8.4',
'-isystem',
'/usr/include/c++/4.9.2',
https://www.aliyun.com/jiaocheng/780711.html
https://github.com/Valloric/YouCompleteMe
安卓逆向工具:
IDA可直接複製到ubuntu系統
apktool等簽名工具也可以複製進去
測試工具集
– 代碼反編譯:apktool,JEB,jadx-gui,luyten;IDA
– 動態調試:apktool v2 + netbeans,jdb/droidDebugger;IDA, gdb
– 網絡抓包:burp/fiddler2;tcpdump
– 利用模擬器:emulator,bluestacks,genymotion
通信分析
Mallory TCP and UDP proxy,it sees all traffic and allows you to manipulate and fuzz it
ADVsock2pipe capture network data with tcpdump on Linux or iPhone/iPad to see the capture in (almost) real-time in Wireshark on windows
Fiddler windows
PonyDebugger remote network and data debugging for your native iOS app using Chrome Developer Tools
WAPT web application load, stress and performance testing
逆向分析
反彙編
smali/baksmali disassembler(smali mode)
Dedexer disassembler(ddx mode)
radare the reverse engineering framework
smiasm reverse engineering framework
REDEXER This tool is able to parse a DEX file into an in-memory data structure; to infer with which parameters the app uses certain permissions (we name this feature RefineDroid); to modify and unparse that data structure to produce an output DEX file (we name these features Dr. Android, which stands for Dalvik Rewriting for Android)
Virtuous Ten Studio modification of android application windows
AppInspect commercial software
反編譯
JD-GUI java decompiler
JAD java decompiler
soot java optimization framework
Dava a tool-independent compiler for java
apk-extractor 反編譯工具 windows平臺(用來查看java源碼)
JEB the interactive Android Decompiler commercial software
AndroChef java Decompiler Information commercial software
簽名
keytool/jarsigner (Sun java 簽名)
openssl
signapk(Android簽名)
Auto-sign(Android簽名)
AXMLPrinter2 AXML converter
axml2xml AXML converter
資源編輯工具
AndroidResEdit windows
apk-recovery recover main resources from apk file
權限分析
STOWAWAY A static analysis tool and permission map for identifying permission use in Android applications
manitree AndroidManifest.xml security auditor
動態分析
Droidbox an Android system image, which can log and output behaviors of applications running in it.
APIMonitor a tool which can automatically modify APK file and add log codes for sensitive APIS
apk-view-tracer apk automated testing interface and event trigger tool for apk dynamic analysis (open-API for developer)
靜態分析
APKInspector 重要
androwam 檢測Android APP中潛在的惡意行爲
otertool swiss army knife of android hacking
apkanalyser 重要(用來查看smali)
ART Android reverse tools
FindBugs find bugs in java program
Agnitio 源碼審查 windows
PWD(Java source code analyzer. It finds unused variables, empty catch blocks, unnecessary object creation, and so forth)
安全審計
Androguard 重要,很多工具的基礎
mercury a framework for exploring the Android platform to find vulnerabilities and share proof-of-content exploits
ASEF android security evaluation framework
AntiLVL subvert Android License Verification Library, Amazon Appstore DRM and Verizon DRM, also disables many anti-cracking and anti-tampering protection methods
調試
agdb an android cross platform gdb wrapper
Phone to Phone Android Debug Bridge
Android保護
APKFuscator a generic DEX file obfuscator and munger
de4dot .NET deobfuscator and unpacker written in C#
sec-distros
1.reverse engineering
(1)Androguard
(2)AntiLvL
(3)APK Tool
(4)smali/baksmali
(5)Dex2jar/JD-GUI
(6)Jasmin
(7)Mercury
(8)Radare2
(9)Bulb Security SPF
2.wireless analyzers
(1)Wireshark
(2)TCPDUMP
(3)DSniff
(4)mitmproxy
(5)dnschef
(6)Chaaosreader
3.penetration
(1)BurpSuite
(2)NMAP (zenmap)
(3)SSL strip
(4)w3af
(5)ettercap
AppUse Android Pentest Platform Unified standalone environment
OSAF Open source Android Forensics Toolkit (推薦)
ARE android reverse engineering
在線分析
Anubis analyzing Unknown binaries(windows executable,android APK, suspicious URL)
SandDroid an APK analysis sandbox 西安交通大學
Mobile Sandbox malicious behaviour analyze
ComDroid a staic analysis tool for identifying application communication-based vulnerabilities (Intent: inter-application)
Bytecode scanner scan Android APP and report bytecode misusage which can cause your device to stuck in a boot loop
VirusTotal analyzes suspicious files and URLs
取證分析
DFF digital forensics framework
LIME forensics linux memory extractor
安全框架
其他
APK Downloader Downloader APK files from Android Market to PC
Real APK Leecher Downloader APK files from Android Market to PC windows
ExploitMe mobile android Labs APK漏洞演示
Pandemobium collection of intentionally-vulnerable mobile applications
TaintDroid realtime privacy monitoring on Smartphones
AndroidXRef android源碼查看
OWASP GoatDroid training environment for educating developers and testers on Android security
smartphonesdumbapps analyze Android and iPhone applications as well as to run Fortify SCA scans on Android Java application source code
cloring for smali files: emacs vim editplus
dexInspector windows
smart phones dumb apps tools from denim group for analyzing the security of smartphone applications
seek for android SmartCard API
APK
Root Explorer 文件管理
Busybox Pro
su授權管理
GameKiller, GameCIH, GameGuardian 內存修改
DroidVPN
X-Ray Android vulnererabilities scanner
c-ray Android application security scanner
dSploit an android network penetration suite (需要root與busybox)
FaceNiff Facebook session hijacking
DroidSheep session hijacking
wifi file transfer pro
in-appstore.com google play 免費內購
Fing 網絡工具包
Network Discovery
Network Info II
Shark for root
DroidCAT finding all ethical hacking / information security related application published in android domain
以下是來自iSECPartner
取證apk AndroidForensics.apk ForenDroid.apk
Anti android Network toolkit
anmap Android Network Mapper