-
-
Notifications
You must be signed in to change notification settings - Fork 713
Extensions to Soot
This page lists a number of extensions to Soot and/or tools that are designed to be used with Soot, and which can be helpful in different circumstances.
Heros supports the template-driven inter-procedural data-flow analysis of applications using the IFDS and IDE frameworks. Using Heros, you can quickly prototype context and flow-sensitive data-flow analyses by simply defining a set of flow functions.
FlowDroid supports the analysis of Android apps. It comprises an entry-point generator that allows you to simulate the events of the Android lifecycle. Moreover, it supports the automated tracking of both explicit and implicit information flows.
TamiFlex allows you to collect information about reflective calls and incorporate them into your static analysis. Also, it can be used to incorporate offline-transformed classes into an application's class-loading process.
Soot-Scala is a Scala thin wrapper around many parts of the Soot API to make it follow Scala conventions. It includes many implicit classes that follow the Pimp-my-library pattern and a few extractors to use in Scala match statements.
The JavaEE Entry Point Generator creates entry points for Jax-WS web services and Servlets. Servlet information can be loaded from web.xml
or from the code. Jax-WS information is always loaded from the code. Servlets' access control restrictions and filters are integrated in the entry points we generate.
Averroes is a standalone tool that generates a placeholder library over-approximating the possible behaviour of the original library. The placeholder library can be constructed quickly without analyzing the whole program, and is typically in the order of 80 kB of classes (comparatively, the Java standard library is 25 MB). Any existing whole-program call graph construction framework, including Soot, can use the placeholder library as a replacement for the actual libraries to efficiently construct a sound and precise application call graph. The current version of Averroes is both context-insensitive and flow-insensitive.
JTDec adds a tree-decomposition framework to Soot. It can be used to obtain small-width tree decompositions of Soot Methods and balance them so that they can be utilized for other analyses.
The Just-in-Time analysis concepts aims at making static analysis more usable to the end user, often the code developer. It allows analysis writers to encode prioritization properties into the analysis. At runtime, certain paths are analyzed before others, allowing important results to be returned first. Cheetah is an implementation of the Just-in-Time analysis concept for taint analysis for Android applications. It is integrated in the Eclipse IDE as a plugin.
VisuFlow is a debugging environment designed to support static analysis writers understand and debug an analysis. It is written as an Eclipse plugin, and supports static data-flow analyses written on top of the Soot analysis framework.
Also check out Soot's webpage.
NOTE: If you find any bugs in those tutorials (or other parts of Soot) please help us out by reporting them in our issue tracker.
- Home
- Getting Help
- Tutorials
- Reference Material
- General Notions
- Getting Started
- A Few Uses of Soot
- Using Soot as a Command-Line Tool
- Using the Soot Eclipse Plugin
- Using Soot as a Compiler Framework
- Building Soot
- Coding Conventions
- Contributing to Soot
- Updating the Soot Web Page
- Reporting Bugs
- Preparing a New Soot Release