reddit hackernews mail facebook facebook linkedin
Argus-SAF

Argus-SAF

Static analysis framework built in house to do security vetting for Android applications.

It has the capability to perform comprehensive, efficient and highly precise Inter-component data flow analysis.

It provides the ability to:
- Parsing Jawa codes.
- Load information from jar file and class file.
- Build AST for jawa records (classes) and procedures (methods).
- Resolving class hierarchy and class elements overwritten relationship.
- Resolving virtual method invocation.

It can conduct/build:
- Call Graph
- Reaching Definition Analysis
- Points-to Analysis
- Monotonic Data Flow Analysis,
- Reaching Facts Analysis
- Intra-/Inter- procedural Control Flow Graph
- Intra-/Inter- procedural Data Flow Graph
- Data Dependence Analysis
- Taint Analysis
- Side Effect Analysis