
MEDUSA is an extensible and modularized framework that automates processes and techniques practiced during the dynamic analysis of Android and iOS Applications.
Installation
- Clone this repo
- Navigate to the medusa directory
- Run the following command:
pip install -r requirements.txt
Using Stheno (Σθενώ) with Medusa
Stheno is a subproject of Medusa, specifically designed for intent monitoring within this framework. Below is a quick guide on how to set up and use Stheno effectively. Check our
Demos:
- MEDUSA | Android Penetration tool (credits @ByteTheories)
- MEDUSA | Android Malware Analysis 101 (credits @ByteTheories)
- Unpacking Android malware with Medusa (credits @cryptax)
- Unpacking Android APKs with Medusa (credits @LaurieWired)
- #Medusa - Extensible binary instrumentation framework based on #FRIDA for Android applications (credits @AndroidAppSec)
- Memory inspection with Medusa
- Bypassing root detection
Using medusa.py
The main idea behind MEDUSA is to be able to add or remove hooks for Java or Native methods on a large scale while keeping the process simple and effective. MEDUSA has more than 90 modules which can be combined, each one of them dedicated to a set of tasks. Indicatively, some of these tasks include:
- SSL pinning bypass
- UI restriction bypass (e.g. Flag secure, button enable)
- Class enumeration
- Monitoring of:
  - Encryption process (keys, IVs, data to be encrypted)
  - Intents
  - HTTP communications
  - WebSockets
  - WebView events
  - File operations
  - Database interactions
  - Bluetooth operations
  - Clipboard
- Monitoring of API calls used by malware applications, such as:
  - Spyware
  - Click Fraud
  - Toll Fraud
  - SMS Fraud
Using mango.py
Mango is medusa's twin brother, which can be used to:
- Parse and analyse the Android manifest
- Enumerate an application's attack entry points (exported activities, deeplinks, services etc.)
- Keep track of all your analysed applications
- Automate boring processes like:
  - Set up a MITM
  - Patching
  - Wrap adb commands
  - Set/View/Reset the device's proxy configuration
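
The entry point enumeration listed above for mango.py, sketched as an added example (this is not mango's own code): it reads a decoded manifest and lists the exported components and the data URIs of their intent filters, which is the surface to review for missing permissions. The sample manifest, the package name and the function name `entry_points` are constructed for illustration.

```python
import xml.etree.ElementTree as ET  # for untrusted input, a hardened parser such as defusedxml is safer
NS = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample: a decoded (text) manifest, not the binary XML stored in an APK.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
  <application>
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".PayActivity">
      <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="demo" android:host="pay"/>
      </intent-filter>
    </activity>
    <service android:name=".SyncService" android:exported="false"/>
    <receiver android:name=".BootReceiver" android:exported="true"
        android:permission="com.example.demo.PRIV"/>
    <provider android:name=".NotesProvider" android:exported="true"/>
  </application>
</manifest>"""

def entry_points(manifest_xml):
    """Return ([(tag, name, permission)] of exported components, [data URIs])."""
    root = ET.fromstring(manifest_xml)
    pkg = root.get("package", "")
    exported, deeplinks = [], []
    for comp in root.iter():
        if comp.tag not in COMPONENTS:
            continue
        filters = comp.findall("intent-filter")
        flag = comp.get(NS + "exported")
        if flag is None:
            # Assumption: without an explicit flag, an intent filter implies exported
            # (pre-Android 12 default); providers default to not exported (API 17+).
            is_exported = bool(filters) and comp.tag != "provider"
        else:
            is_exported = flag == "true"
        if not is_exported:
            continue
        name = comp.get(NS + "name", "")
        name = pkg + name if name.startswith(".") else name
        exported.append((comp.tag, name, comp.get(NS + "permission")))
        for data in (d for f in filters for d in f.findall("data")):
            if data.get(NS + "scheme"):
                deeplinks.append(f"{data.get(NS + 'scheme')}://{data.get(NS + 'host', '')}")
    return exported, deeplinks
```

Components returned with a permission of `None` are reachable without any caller permission and are the first ones to review.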