The tools developed under the TRUST aWARE project are grouped under thematic work packages or domains, being some them open to the general public and others restricted due to exploitation interests. For any question or clarification, please do not hesitate to contact us through this form.
TRUST aWARE DASHBOARD
The user-centric front-end component of our vision to assist and train citizens at the time of addressing their specific S&P threats. It consists of:
- Privacy Adviser: The Privacy Adviser helps you understand information about your privacy from Android applications, so you can make more informed decisions about your privacy. It simplifies privacy-related documents and allows you to find the most important information within these documents. The tool also provides some recommendations to avoid any potential privacy implication and risk.
- Security Analysis: The Security Analysis helps you check the security of files and websites. For files you will be informed if they are malicious or potentially unwanted. For websites you will be informed whether it is clean, used for malicious purposes, or not suitable for specific categories of the users.
- Ad Analysis: The Ad Analysis gives you information about the advertisement that you receive on Facebook and YouTube. It shows you why advertisers target you with their ads. It also lets you block advertisers on Facebook when you do not want to see their ads.
- Resources: The Resources section gives you access to both basic as well as in-depth information about how to protect your security and privacy online.
Test it at https://trustaware.trilateral.ai/
CYBER THREAT INTELLIGENCE (CTI) PLATFORM
Our CTI platform is based on the open-source MISP (Malware Information Sharing Platform) and deployed on Amazon Web Services (AWS). Additionally, it encompasses diverse sources of information pivotal for broadening threat intelligence, including inputs from the MISP of the Computer Incident Response Center Luxembourg (CIRCL) events and results from TRUST aWARE static and dynamic code analysis:
- MISP training course:
- Static and Dynamic analysis:
- Demonstrations:
- Static and Dynamic analysis:
- Tools:
- Taint Analyzer tool: https://github.com/Android-Observatory/PermissionTainter
- Permission Tracer tool: https://github.com/Android-Observatory/PermissionTracer
- Permission Tainter tool: https://github.com/Android-Observatory/PermissionTainter
- Android Market crawler: https://github.com//kdhageman/android_market_crawler
- Kunai: https://github.com/ElsevierSoftwareX/SOFTX-D-22-00376 | https://codeocean.com/capsule/7618400/tree/v1
- DEXtripador: https://github.com/Android-Observatory/DEXtripador
- FOTAFinder: https://github.com/Android-Observatory/FotaFinder
- Datasets:
- IoT-LAN: https://github.com/Android-Observatory/IoT-LAN/
- Defined custom permissions: https://androidobservatory.com/files/defined_perms_all_release.json.xz
- Dataset of requested custom permissions: https://androidobservatory.com/files/requested_perms_all_release.json.xz
- Dataset for sources and sinks: https://github.com/Android-Observatory/PermissionTainter/blob/master/SourcesAndSinks_custom_perms.txt
- Chrowned dataset: https://github.com/josemmo/chrowned
- Attribution signals from five Android markets: https://www.dropbox.com/sh/dc8aa5qggto7z82/AADY7oyzt9Z7RP-c2pNQ98eXa?dl=0 | https://zenodo.org/records/7456231
- SMM Panels datasets: https://github.com/0xjet/smmpanels
- Mobile browsers dataset: https://github.com/NEU-SNS/mobile-browser
- App TLS pinning dataset: https://github.com/NEU-SNS/app-tls-pinning
- IoTLS dataset: https://github.com/NEU-SNS/iotls
- Android applications obfuscation analysis dataset: https://zenodo.org/doi/10.5281/zenodo.11110836
- Android software protection techniques resource: https://android-obfuscation.github.io/Android-Software-Protection-Techniques
- Tools:
