Dexter - Online Tool For Analysing Android Applications

Dexter - Android App Analyser

Dexter is an online android application analysis framework that is capable of APK dissection and analysis, extracting information about Activities, BroadcastReceivers, and Permissions, Decompilation, and more.

Dexter's features also include:
  • Manifest view and analysis.
  • Class hierarchy/graph view.
  • Examining actual bytecode in a graph-like basic block view.

It is built around a Python Django backend that combines a SQL database with XML caching (obviously for performance reasons).

The following image shows the Dexter framework components:

Dexter framework components illustration

HOW TO USE DEXTER

First, go to https://dexter.dexlabs.org/accounts/register, and create an account.

It is very easy to create, all you need is an email address, a username, and a password.

Dexter Registration Form Screenshot

After the registration process, you will get an e-mail with an activation link.

Click on the link, or copy-paste it in the address bar and hit the "Enter" key. Then login to your account. You will see a page as shown below.

Dexter Creating a Project Screenshot

Now, give a name for the project, and then click on the "Create Project" button.

What? the description box?  really?! :)

After creating the project, you need to upload an APK to analyze.

Dexter uploading an APK Screenshot

To do that, first, type in Name and Description, and then select the APK file. Then click on the "Upload" button.

If the upload is successful, Dexter's analysis sandbox will perform static analysis on the APK.

Dexter analysing the APK Screenshot

After the analysis, Dexter will show you a page like this:

Dexter APK Analysis Finished Screenshot

Click on the "Go to your dashboard" button.

Note: If the analysis fails or the status never changes, contact DexLabs.

Now let's talk about the Dashboard...

Dexter Dashboard Screenshot

As you can see in the above image, all the created projects are on the left side in the bar. and there are buttons on the top-right to modify it, invite people, delete it or create a new one.

Note: If you don't see the buttons, you don't have the appropriate rights in the project. Please contact the owner.

In the middle of the tab, you can see the members of the selected project and all analyses inside of it.

If you click on an analysis, you will see some more details about it and you can open it in the analysis view or edit the description and title of it.

Analyses Screenshot

Analysis View:

Analysis View Screenshot

This is the basic analysis view. On the top, you have some information about the application itself and diagrams about some internal statistics of the APK like how big are several packages inside the APK compared to each other etc.

Further down there are lists of all used and application-defined permissions with a small description and all activities, services, broadcast receivers and content providers in the application. If you click on an entry, the class diagram will open automatically.

Class Diagram Screenshot

The buttons on the right are for opening the package diagram, a list of classes and strings and an APK file browser to download files from the APK.

If you want to decompile a class diagram, click on the last button in the toolbar (a circled arrow).

Decompiled Class Screenshot

Package Dependency Graph:

Package Dependency Graph Screenshot

Class List:

Class List Screenshot

The green bubble you see in the above image is a tag. You can tag things inside your analysis to quickly find them later by searching for them. The above one is created by the Autotagger during the analysis.

String List:

String List Screenshot

APK FileBrowser:

APK FileBrowser Screenshot

That's all. I hope you liked this article. If you did, please share...


No comments

Powered by Blogger.