Is using an Android emulator like BlueStacks a forensically viable method of testing app behavior?
For example, if I wanted to confirm where, how, and when an application creates folders in the file system when I send an attachment. And I do my due diligence to match the operating system and version numbers. Could this be used as an explanation in court, or is this a dangerous oversimplification or misunderstanding of BlueStacks capability?
🗣Expensive_Ad6442
The official android emulator should behave as it would on a live system, so should be indicative enough of the app's functionality to demonstrate what you need to show.
Depending on the context, it's worth considering that an app could identify that it's in an emulator and change its behaviour accordingly though, so if it's something custom/niche then consider that some analysis of the apk might be required.
👤minimize
I wouldn't use BlueStacks just based on the amount of bloatware and OS-level modifications done to it, but people have certainly used it for that purpose (for better or worse).
I think what you're looking for is the official Android dev tools via Android Studio.
https://developer.android.com/studio/run/emulator
👤CrisisJake
🎖@malwr
For example, if I wanted to confirm where, how, and when an application creates folders in the file system when I send an attachment. And I do my due diligence to match the operating system and version numbers. Could this be used as an explanation in court, or is this a dangerous oversimplification or misunderstanding of BlueStacks capability?
🗣Expensive_Ad6442
The official android emulator should behave as it would on a live system, so should be indicative enough of the app's functionality to demonstrate what you need to show.
Depending on the context, it's worth considering that an app could identify that it's in an emulator and change its behaviour accordingly though, so if it's something custom/niche then consider that some analysis of the apk might be required.
👤minimize
I wouldn't use BlueStacks just based on the amount of bloatware and OS-level modifications done to it, but people have certainly used it for that purpose (for better or worse).
I think what you're looking for is the official Android dev tools via Android Studio.
https://developer.android.com/studio/run/emulator
👤CrisisJake
🎖@malwr
reddit
Is using an Android emulator like BlueStacks a forensically viable...
For example, if I wanted to confirm where, how, and when an application creates folders in the file system when I send an attachment. And I do my...
A Technical Analysis of Royal Ransomware [PDF](https://securityscorecard.pathfactory.com/research/the-royal-ransomware)
🗣CyberMasterV
🎖@malwr
🗣CyberMasterV
🎖@malwr
Security Scorecard
A Technical Analysis Of The Royal Ransomware
This malware encrypts files with the AES algorithm, either fully or partially. The extension of the affected files changes to “.royal”. Find out more in this technical analysis of the Royal Ransomware from SecurityScorecard’s Senior Malware Analyst, Vlad…
👍2
🔥1
GuardDog: Identifying malicious PyPI packages using static code analysis and package metadata analysis
🗣thorn42
🎖@malwr
🗣thorn42
🎖@malwr
Datadoghq
Finding malicious PyPI packages through static code analysis: Meet GuardDog
GuardDog is an open-source tool to identify malicious PyPI packages through source code and metadata analysis
Framework Proposal to Regulate Lawful Hacking by Police within Criminal Investigations - PhD dissertation
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
Proquest
Framework Proposal to Regulate Lawful Hacking by Police within Criminal Investigations - ProQuest
Explore millions of resources from scholarly journals, books, newspapers, videos and more, on the ProQuest Platform.
Emulate Any ISA Card With A Raspberry Pi And An FPGA
🗣r_retrohacking_mod2
Hoping for a model that could emulate a real 3DFx
👤RetroBastardo
comments in the article are more interesting, specially RP2040 based ISA cards
👤incrediblediy
If you already have the FPGA, maybe you could use that instead of the Pi?
👤Dwedit
🎖@malwr
🗣r_retrohacking_mod2
Hoping for a model that could emulate a real 3DFx
👤RetroBastardo
comments in the article are more interesting, specially RP2040 based ISA cards
👤incrediblediy
If you already have the FPGA, maybe you could use that instead of the Pi?
👤Dwedit
🎖@malwr
Hackaday
Emulate Any ISA Card With A Raspberry Pi And An FPGA
One of the reasons the IBM PC platform became the dominant standard for desktop PCs back in the mid-1980s was its open hardware design, based around what would later be called the ISA bus. Any manu…
A vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Secure Manager Appliance and Cisco Email Security Appliance
🗣SSDisclosure
🎖@malwr
🗣SSDisclosure
🎖@malwr
SSD Secure Disclosure
SSD Advisory – Cisco Secure Manager Appliance remediation_request_utils SQL Injection Remote Code Execution - SSD Secure Disclosure
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Secure Manager Appliance and Cisco Email Security Appliance.