Quark-Engine
An obfuscation-neglect Android malware scoring system that analyzes APKs for malicious behavior patterns.
What is Quark-Engine?
Quark Engine is an open-source Android malware analysis system that scores APK files based on detected malicious behaviors. It uses a rule-based approach to identify threat patterns even in obfuscated code, helping security researchers classify malware families and assess risk. The tool generates detailed reports that map observed activities to known malware signatures.
Android security researchers, malware analysts, and threat intelligence teams who need to analyze potentially malicious APK files. It's also valuable for organizations building internal Android app security pipelines.
Quark Engine provides a specialized, obfuscation-resistant analysis method that focuses on behavioral patterns rather than surface signatures. Its rule-based system is extensible and produces actionable scoring, making it a practical choice for systematic malware assessment.
Overview
Quark Engine is a static analysis tool designed to detect and score Android malware by identifying malicious behavior patterns within APK files. It specializes in analyzing obfuscated malware, providing security researchers and analysts with a systematic way to assess threats. The tool generates detailed reports that map observed behaviors to known malware families, helping to classify and understand new variants.
Key Features
- Obfuscation-Neglect Analysis — Detects malicious behaviors even in heavily obfuscated Android applications.
- Rule-Based Scoring — Uses a comprehensive database of rules to identify and score specific malware behaviors.
- Malware Family Mapping — Correlates detected behaviors with known malware families like DroidKungFu, GoldDream, and SpyNote.
- Summary Reports — Generates concise, actionable reports highlighting the most critical findings.
- Extensible Rule System — Allows security teams to create and update custom detection rules.
Philosophy
Quark Engine is built on the principle that malicious intent can be uncovered through behavioral analysis, regardless of code obfuscation techniques. The project emphasizes practical, rule-driven detection that benefits the broader security community.
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
