
Android RASP project, Protect APK from any vulnerabilities.


kikyps/GarudaDefender

Garuda Defender

Android RASP project, Protect Mobile App from any vulnerabilities.

#1 The First Indonesian Android Security Framework 🇮🇩.
#Cyber Security Solution.

Protection Feature Provided

Runtime Application Self-Protection

| Feature | Status |
|---|---|
| ☑ Anti Hooking: Inline Hook, PLT Hook, Frida, jshook, Java Hook (xposed/lsposed, simple hook, pine, etc.) | Available |
| ☑ Dynamic tamper detection (e.g. code patching): Anti patch code, such as dex, libso, hermes engine (React Native) | Available |
| ☑ Anti FRIDA: Detects any modified Frida framework based on frida or strong frida | Available |
| ☑ Anti Debugging & Breakpoint (Java & Native): Detects debugging attempts on your application through a wide variety of tools, including IDA PRO, Binary Ninja, GDB, ADB, etc. | Available |
| ☑ Root Detection: Resists root hiders like Shamiko, ZygiskNext, and other trick modules | Available |
| ☑ Certificate Signature Integrity: Certificate signature anti-tamper for the app | Available |
| ☑ Emulator/Virtual Machine Detection: Detects all types of emulators, such as gaming emulators and any Android virtual device; also supports detecting Android emulators such as VPhoneGaGa, Vmos, Virtual Master, F1VM (X8 Sandbox), twoyi | Available |
| ☑ Game Engine Protection ("Anti Cheat"): Protects the game engine (Unity, Unreal Engine, Cocos) from tampering or hacking, for anti-cheat | Available |
| ☑ Memory Patch Detection: Anti memory patching, such as memory patcher frameworks and GameGuardian | Available |
| ☑ Dalvik code patch detection: Anti patcher tools (LuckyPatcher, JasiPatcher, etc.); anti modification without modifying the APK file | Available |
| ☑ Screen Protection: Anti screenshot, screen capturing, screen recording, and screen sharing | Available |
| ☑ Auto Clicker & Overlay attacks Detection: Protects the screen from malicious clickers and prevents overlay attacks | Available |
| ☐ Fake GPS Detection | Coming Soon |

Code Protection

| Feature | Status |
|---|---|
| ☑ String Encryption (Java Layer Protection) | Available |
| ☑ Control Flow Obfuscation (Java Layer Protection) | Available |
| ☐ Obfuscate method and field names | Coming Soon |

Network Communication Protection

| Feature | Status |
|---|---|
| ☑ HTTP Capture Detection | Available |
| ☑ Certificate SSL Pinning | Available |

Protection Mechanism

  • Realtime Protection
  • Protection is timeless and strictly protects content 360 degrees
  • Using Cryptography
  • Obfuscated Methods and Strings
  • Works fully offline

PREVIEW & DEMO

1. Control Flow Obfuscation

Protecting the application's business logic.

[Screenshots: Before / After. Caption: JADX failed to decompile]

2. Emulator detection

[Screenshots: Memu Emulator, LDPlayer Emulator, VPhoneGaGa Android Virtual/Emulator, Mumu Emulator]

I can't provide example images for every emulator detection; you can try it yourself.

3. HTTP Capture Detection

A demo for Anti HTTP Capture: [video: antihttpcapture.mp4]

For Android: [video: 3.km_20241012_1080p_60f_20241012_171637.mp4]

4. Certificate SSL Pinning (ANTI BYPASS)

How does this work so that it resists bypass?

It is strong and private, built from scratch, and is not like existing certificate pinner libraries.

A demo for SSL Pinning: [video: sslpin.mp4]

5. Dalvik code patch detection

A demo for Dalvik code patch detection using LuckyPatcher: [video: km_20241016_1080p_60f_20241016_181255.mp4]

6. Auto Clicker & Overlay attacks Detection

A demo for Auto Clicker & Overlay attacks Detection: [video: km_20241026_1080p_60f_20241026_214843.mp4]

NOTE

  1. Emulator detection is more suitable for games. This feature is specifically for game developers who don't want their games to be played via an emulator for certain reasons.

  2. HTTP Capture detection and SSL Pinning are different but share the same goal of protecting network communications from malicious activities commonly conducted via MITM attacks. The difference between the two is that HTTP Capture detection directly identifies network capture activities such as HTTP capture, while SSL Pinning verifies the authenticity and integrity of the server's SSL certificate.

TODO

  • Fake GPS Detection.
  • Integration with servers for more convenient detection monitoring and control.
  • Built-in Anti-Malware (Threat detection from other applications, similar to what Play Protect does).

FAQ

1. Supports Most Android Versions

  • Supports Android 5.0 - 15 (API level 21 - 35).
  • Supports armeabi-v7a, arm64-v8a, x86 and x86_64.
  • Supports Android framework apps (Flutter, React Native).

2. Extremely fast and modern vulnerability detection

Sometimes, expensive products out there have slow detection systems that consume a lot of resources. We confidently make this statement and are willing to compare the sophistication of our product against others, because we have conducted comparative research and obtained proven results.

Designed for extremely fast detection and high stability, with advanced algorithms that adapt to modern vulnerabilities, and tested intensively and measurably.

3. Less RAM Consumption

Rich in features, yet it runs efficiently with minimal RAM usage, without overhead or memory leaks.

Testing was carried out in debug mode; in theory, usage in a release build should be lower than the results in the video.

4. Does not affect application performance

We employ the most effective methods to maintain the performance of the application. This framework ensures that the application remains fast and preserves the speed of app launch.

We don't use Shell/ClassLoader because we find it less efficient and it slows down the application launch. Decrypting and loading the dex files takes considerable time, which contributes to the delay. Another drawback is that shells can be easily repackaged.

Instead, we opt for another approach to safeguard your Java source code, one that protects the application's business logic from exposure and preserves the authenticity of its code.

5. Root User Friendly

Some security framework providers block root users to prevent unwanted things. This has a bad impact on root users who have no cybercrime background and no bad intentions toward the application's users. It is true that detecting root can prevent hackers from moving forward with an attack, but not all root users have the same goals and characteristics.

So we pay close attention to security gaps without needing to block access for certain users. We still provide the root detection feature as an option, with feature support if our clients need it.

With our project, root access will not be useful to root users with malicious intent.

6. Friendly with other applications and piracy tools

Some security framework providers block piracy tools or applications to prevent unwanted things. In our opinion, this is not friendly.

Our goal is therefore that all such tools are useless against our framework; there is no need to blindly block other, undesired applications.

7. Custom ROM User Friendly (Unlocked Bootloader)

Some security framework providers detect an unlocked bootloader to prevent unwanted things. This is not friendly to users who like to customize their smartphones.

As in the first point, not all users with root or an unlocked bootloader have bad intentions.

8. No Developer Option Blocker

One of the funniest things: why block the developer options?

GarudaDefender will handle everything without restricting your usage policies or disrupting the user experience.

9. No threats or viruses detected

This framework does not trigger false virus detections, which increases the success rate of submitting applications to the Play Store.

Check Result

Download Demo APK

Download Demo

Limitations

  • At the moment, the framework only works for Android applications.
  • Currently in development for standalone deployment without the need for coding. If you need a demo in your application, please contact us, and we will integrate it into your app.

Lessons

We are aware of and care about the security, authenticity, and robustness of our systems, so we continue to maintain them and to research modern vulnerabilities in order to keep our security up to date. We carry out rigorous analysis and testing from various angles to provide the best service for our users.

Interested?

This project is not available as open-source. If you are interested and want to build a business, we are open to it.

Contact:
[email protected]
