Argus-SAF: Argus static analysis framework
This is official reporitory for the Argus-SAF.
For test and play with Argus-SAF, you can fork from our Argus-SAF-playground project, which have the basic setup for a Argus-SAF enhanced project with demo codes of how to perform different kind of analysis.
Argus-SAF/ +--src/main/scala/org.argus.saf/Main.scala Main class for argus-saf CLI. +--jawa Core static analysis data structures, "*.class"&"*.jawa" file managing, jawa compiler, class hierarchy, method body resolving, flow analysis, etc. +--amandroid Android resource parsers, information collector, decompiler, environment method builder, flow analysis, etc. +--jnsaf Java native interface analysis. +--nativedroid Annotation based analysis using angr symbolic execution engine.
Obtaining Argus-SAF as library
libraryDependencies += "com.github.arguslab" %% "jawa" % VERSION
libraryDependencies += "com.github.arguslab" %% "amandroid" % VERSION
Note that: Depend on Amandroid will automatically add Jawa as dependency. If you use Maven or Gradle, you should translate it to corresponding format.
Obtaining Argus-SAF CLI Tool
Requirement: Java 10
$ java -jar argus-saf_***-version-assembly.jar
In order to take part in Argus-SAF development, you need to:
Install the following software:
- IntelliJ IDEA 14 or higher with compatible version of Scala plugin
Fork this repository and clone it to your computer
$ git clone https://github.com/arguslab/Argus-SAF.git
Open IntelliJ IDEA, select
File -> New -> Project from existing sources(if from initial window:
Import Project), point to the directory where Scala plugin repository is and then import it as SBT project.
When importing is finished, go to Argus-SAF repo directory and run
$ git checkout .idea
in order to get artifacts and run configurations for IDEA project.
[Optional] To build Argus-SAF more smooth you should give 2GB of the heap size to the compiler process.
if you use Scala Compile Server (default):
Settings > Languages & Frameworks > Scala Compile Server > JVM maximum heap size
if Scala Compile Server is disabled:
Settings > Build, Execution, Deployment > Compiler > Build process heap size
Build Argus-SAF from command line: go to Argus-SAF repo directory and run
$ tools/bin/sbt clean compile test
- Generate fat jar: go to Argus-SAF repo directory and run
$ tools/bin/sbt assembly
Install JN-Saf with NativeDroid
You can install either one by:
$ tools/scripts/install.sh jnsaf $ tools/scripts/install.sh nativedroid
Run BenchMark Test
$ tools/scripts/benchmark_cli.sh droidbench $ tools/scripts/benchmark_cli.sh iccbench $ tools/scripts/benchmark_cli.sh nativeflowbench
Launch JN-SAF for native analysis
- Install nativedroid:
$ tools/scripts/install.sh nativedroid
- Start nativedroid server:
$ python nativedroid/nativedroid/server/native_droid_server.py /tmp/binaries nativedroid/nativedroid/data/sourceAndSinks/NativeSourcesAndSinks.txt nativedroid/data/sourceAndSinks/TaintSourcesAndSinks.txt
- Use NativeDroidClient.scala to communicate with the nativedroid server to perform native analysis.
- If python code in Intellij shows unresolved imports, you should manually import the nativedroid folder as a python module and set Python SDK. Recommend to use a python virtualenv to install nativedroid with it's required python packages.
Bazel integration in progress. Ignore all the BUILD files for now.
How to contribute
To contribute to the Argus-SAF, please send us a pull request from your fork of this repository!
What to contribute
If you don't know what to contribute, you can checkout the issue tracker with
help wanted label, and claim one to help yourself warm up with Argus-SAF.