[Release] SUPER Android Analyzer 0.1.0


#1

Hi there!

We just released SUPER 0.1.0. For those who don’t know what it is, SUPER is an Android .apk file analyzer, that detects common security bugs and shows them in an HTML report. SUPER comes from Secure, Unified, Powerful and Extensible Rust Android Analyzer, and it has been 100% developed in pure open-source Rust, in GitHub.

As you can see in the release announcement, in this version we have created 37 rules that detect SQL injections, XSS attacks, superuser-checking applications and tons more. It’s easily extensible, and creating rules is really easy (we will publish an article on that later), so it will improve as soon as we get more and better rules.

We still have some Java dependencies that we are willing to solve in an issue, help is appreciated, but it’s already faster and more powerful than most analyzers out there.

We are now getting ready to develop the next version, since we have decided to release a new version each 6 weeks, the same week of each new Rust release. We will need your help for that, and we will take part in this month’s hacktoberfest too, with some issues you can try to solve and get your T-shirts.

You are encouraged to try it, we created packages for Windows and Linux, and MacOS X packages are under development.


#2

Small correction about the announcement:

With Rust, stack overflows, segmentation faults etc. are directly not possible, which makes sense in a security centered application.

Stack overflow is totally possible in safe Rust ( fn main() { main() } ), buffer overflow is not possible.


#3

Ups, true, I fixed it! thanks!