[Soot-list] help with static analysis
Arzt, Steven
steven.arzt at sit.fraunhofer.de
Mon Mar 5 05:08:43 EST 2018
Hi Luis,
That is possible with Soot. You need to generate a callgraph first. For an Android app, you can use FlowDroid for that purpose [1]. The "SetupApplication" class contains a method generateCallgraph(). After that method has run, you can use Scene.v().getCallgraph() to get the callgraph.
In case you need not only caller/callee relationships, but also data flow, FlowDroid can do that as well using runInfoflow().
Best regards,
Steven
[1] https://github.com/secure-software-engineering/FlowDroid
-----Original Message-----
From: Soot-list [mailto:soot-list-bounces at cs.mcgill.ca] On Behalf Of De Souza Melo, Luis Henrique
Sent: Friday, March 2, 2018 5:29 PM
To: soot-list at CS.McGill.CA
Subject: [Soot-list] help with static analysis
Hi all,
I am new to soot and static analysis, so forgive me if I am asking some question that may have already been answered or may be obvious for some.
I need a tool, or a framework, to find call stacks based on exit nodes (e.g., every possible call stack method that can reach java.net.DatagramSocket.send(DatagramPacket) call). Considering that I am analyzing apk files, there is a tool that does this static analysis for me, or at least, is it possible to do with Soot?
Luis
_______________________________________________
Soot-list mailing list
Soot-list at CS.McGill.CA
https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
More information about the Soot-list
mailing list