The gexf export in androguard is not very easy to use.
After exporting the gexf file:
desnos@t0t0:~/androguard$ ./androgexf.py -i apks/malwares/BaseBridge/com.keji.sendere.apk -o sendere.gexf
desnos@t0t0:~/androguard$
Most of the time you will have something like this:
which is not very usable. You must apply a layout in gephi to get something better:
and you will have a classical (but huge) graph:
You must activate:
- the node labels
- the node color associated with the object
- the size of the label
as in this picture:
After that, you must look for the colored nodes in the graph in order to find interesting methods, such as:
And you can create a filter to isolate a particular class name:
and you will find more quickly where the interesting things (related to the permissions) are:
Moreover, in the data laboratory you can search for particular nodes and select them in the overview:
This feature will not replace a classical analysis with androlyze.py or smali/baksmali. It's just one tool :) but we are trying to find better tools to visualize an Android application (and you can help).
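The class-name filter and the permission search described above can also be run outside gephi, directly on the exported file. This is an added example, not part of the original post or of androguard's code; the sample graph is constructed, and the attribute titles class_name, method_name and permissions are assumptions to check against the <attributes> section of a real export.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample. Attribute titles (class_name, method_name, permissions)
# are assumptions; read the <attributes> section of your own export.
SAMPLE_GEXF = """<gexf xmlns="http://www.gexf.net/1.2draft" version="1.2">
<graph defaultedgetype="directed"><attributes class="node">
<attribute id="0" title="class_name" type="string"/>
<attribute id="1" title="method_name" type="string"/>
<attribute id="2" title="permissions" type="integer"/>
</attributes><nodes>
<node id="n0" label="onCreate"><attvalues>
<attvalue for="0" value="Lcom/example/app/Main;"/>
<attvalue for="1" value="onCreate"/><attvalue for="2" value="0"/>
</attvalues></node>
<node id="n1" label="send"><attvalues>
<attvalue for="0" value="Lcom/example/app/Sender;"/>
<attvalue for="1" value="send"/><attvalue for="2" value="1"/>
</attvalues></node>
<node id="n2" label="sendTextMessage"><attvalues>
<attvalue for="0" value="Landroid/telephony/SmsManager;"/>
<attvalue for="1" value="sendTextMessage"/><attvalue for="2" value="1"/>
</attvalues></node>
</nodes><edges><edge id="e0" source="n1" target="n2"/></edges>
</graph></gexf>"""

def local(tag):
    """Strip the XML namespace so tags match whatever GEXF version was written."""
    return tag.rsplit("}", 1)[-1]

def load_nodes(gexf_text):
    """Return one dict per node: id, label, and attributes keyed by title."""
    root = ET.fromstring(gexf_text)
    titles = {e.get("id"): e.get("title")
              for e in root.iter() if local(e.tag) == "attribute"}
    nodes = []
    for n in (e for e in root.iter() if local(e.tag) == "node"):
        row = {"id": n.get("id"), "label": n.get("label")}
        for av in (e for e in n.iter() if local(e.tag) == "attvalue"):
            key = av.get("for") or av.get("id")  # fall back to id= if for= is absent
            row[titles.get(key, key)] = av.get("value")
        nodes.append(row)
    return nodes

def filter_nodes(nodes, class_regex=None, with_permissions=False):
    """Keep nodes whose class matches and/or that carry a non-zero permission count."""
    return [n for n in nodes
            if (not class_regex or re.search(class_regex, n.get("class_name") or ""))
            and (not with_permissions or (n.get("permissions") or "0") != "0")]
```

For a real export, pass the file's contents to load_nodes() and then call filter_nodes() with the class pattern you would have typed into the gephi filter.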
Moreover, with gephi, you can apply a classical community algorithm (Statistics/Modularity):
All nodes will have a color that corresponds to their community:
In fact, each community can be a specific library (as in the previous picture), or simply strong dependencies between methods: