Research Area:  Digital Forensics
AndroPyTool is a tool for extracting both static and dynamic features from Android applications. It aims to provide Android malware analysts with an integrated environment for extracting multi-source features capable of modelling the behaviour of a sample, which can then be used to discern its nature, whether malware or goodware. AndroPyTool integrates well-known tools in this field, such as AndroGuard, DroidBox, FlowDroid, AVClass, VirusTotal or Strace, which make it possible to obtain a wide set of features including Application Programming Interface (API) calls, permissions, labels obtained from the different antivirus engines included in VirusTotal, source-sink data connections, API calls invoked in real time, accessed files, file operations and many others. AndroPyTool is an open-source tool that can be used via both the source code and a Docker container, in just three stages (pre-static, static and dynamic analysis).
Keywords:  
Author(s) Name:   A. Martín, R. Lara-Cabrera and D. Camacho
Journal name:  Proceedings Series on Computer Engineering and Information Science
Conference name:  
Publisher name:  World Scientific Publishing
DOI:  10.1142/9789813273238_0066
Volume Information:  
Paper Link:   https://www.worldscientific.com/doi/10.1142/9789813273238_0066