DroidTracer

Intercepting Android system events without platform modifications

Source code is protected, please email [me] for password.

DroidTracer is an platform-centric add-on for Android, capable of intercepting nearly all interactions both between apps and apps with the platform, including arguments of method invocations in a human-readable format. It is more powerful than app-centric approaches, yet no platform changes are necessary!

• Kernel module: [as zip]
• DroidTracerService: [as zip], [Read API doc]
• JNI C++ library (client-site netlink communication endpoint):: [as zip], [libdroidtracer.so] (compiled with NDK)

NOTE: DroidTracer itself has no UI. It acts as a library only (see API doc) and as such can be integrated in your analysis to provide access to otherwise hidden system-events (see MonitorMe as an example app). If you plan to use DroidTracer, copy DroidTracerService.java in your Android project and place your analysis in the callback method onEvent(), which gets triggered if new system events occur. Furthermore, libdroidtracer.so has to be copied in the directory obj/local/armeabi/ of your Android project (see MonitorMe). Or otherwise, copy the content of DroidTracerService in the directory jni/ of your Android project and compile with NDK yourself.