[Technique] Taint Analysis #1942
Assignees
Labels
Comments
|
Taking this one up. |
|
@cpholguera Shall I put this in Binary analysis section, after symbolic execution? https://github.com/OWASP/owasp-mastg/blob/master/Document/0x05c-Reverse-Engineering-and-Tampering.md#binary-analysis |
|
Hi Vikas, it'd be great if you could already draft the content. We're currently refactoring the MASTG chapters to a new format so for now, you can put it there on your branch but we'll ask you to pull from master and move your content before merging. Is that ok for you? |
|
Got it. I will keep the content on my branch for now. |
|
@cpholguera I have created a PR so that you know the content is ready. I can update it as per your above comment. |
|
Thanks a lot @su-vikas! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Include Taint Analysis in our techniques.
https://www.usenix.org/system/files/sec20-elsabagh.pdf
Tools
GDA?
GDA supports Static Taint Analysis:
https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-Static-Taint-Analysis
Among many other features, it has this Frida support:
https://github.com/charles2gan/GDA-android-reversing-Tool/wiki/GDA-support-for-the-frida
Other tools
Do we have other tools already doing this? e.g. RMS. What about FlowDroid?
The text was updated successfully, but these errors were encountered: