iForensics App Detector
Finding out mobile information security risks, identify malwares/spywares by automatic examination and analysis with speed to apps in target mobile device.

iForensics App Detector

  • You got hundreds of apps on you mobile device, how do you tell they are safe? AppDetector got you covered with its robot which will automatically analyze all the apps on the device
Description
  • Supports app security test (including pre-installed apps and apps installed by the user) on Android mobile devices.
  • Supports packet capture to apps of Android and iOS mobile devices. When the investigator conduct operation on the app manually, AppDetector will capture packets of the app, then analyze packet related connections to tell whether there are any information security risks.
  • Utilizes non-invasive method (i.e. does not require installation of any apps or software to target mobile device) when acquiring basic information of target mobile device. The above-mentioned information includes: model №, IMEI, OS version, etc.
  • Supports risk level evaluation to the target mobile device. The risk levels are as follow: High, Medium, Low, Safe.
  • Supports “Quick Examination” and “Full Examination” mode. “Quick Examination” will verify the apps of target mobile device with the information of internal database (which is based on the results of previously extracted and analyzed apps); “Full Examination”, on the other hand, starts a new, complete examination to all apps of target mobile device.
  • Supports extraction of the app APK file(s) from target mobile device and supports examination of multiple APK files. AppDetector will also verify the apps’ information (e.g. package name, version, other information) and hash value of the APK file (or the APK file itself) to the information of external database. Investigator will get the result once the search and verification process are done.
  • AppDetector can turn on the app(s) of target mobile device and conduct packet capture. AppDetector will also analyze the connection behaviors within the packets (e.g. connection IP address, port №, and other information); AppDetector will search, verify those connection behaviors with information of external database. Investigator will get the result once the search and verification process are done.
  • Supports risk level verification of packet network connection, in which App detector will conduct information security risk verification to IPs and URLs.
  • Supports app risk level evaluation and black/white list function based on the result(s) sent back from external database. AppDetector will also mark the blacklisted apps as “abnormal” and show warning notification.
  • Supports manual entry and remarking of specific apps or connection to the black/white list of internal database; AppDetector also supports data import from external database to internal database.
  • Supports visualization of examination results with statistical charts/graphs, for example, pie chart of the percentage of the examined/analyzed apps’ risk levels.