OWASP SeraphimDroid Project

=Main=



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

OWASP SeraphimDroid
OWASP Seraphimdroid is a privacy and security protection app for Android devices. It enables users to protect their devices against malicious software (viruses, trojans, worms, etc.), phishing SMS, MMS messages, execution of dangerous USSD codes, theft and loosing. Also, it enables user to protect their privacy and to control the usage of applications and services via various kinds of locks.



Introduction
SeraphimDroid is educational application for android devices that helps users learn about risks and threats coming from other android applications. SeraphimDroid scans your devices and teaches you about risks and threats coming from application permissions. Also this project will deliver paper on android permissions, their regular use, risks and malicious use. In second version SeraphimDroid will evolve to application firewall for android devices not allowing malicious SMS or MMS to be sent, USSD codes to be executed or calls to be called without user permission and knowledge.

Project development is done on GitHub: https://github.com/nikolamilosevic86/owasp-seraphimdroid

Release of OWASP Seraphimdroid is available on Google Play: https://play.google.com/store/apps/details?id=org.owasp.seraphimdroid

Description
The aim of this project is to research all the risks coming from permissions and to actively alarm user of the application about those risks. Also, using different kind of heuristics SeraphimDroid application should keep user data and money safe. Application should prevent other applications to execute some action that cost money without user's knowledge and acknowledgement. At the later stage application should using heuristics act as anti malware application.

The secondary goal of the project is to publish documentation about researched topics, such as how can some permissions be misused, what are the heuristic approaches to prevent other application executing malicious actions etc.

Licensing
GNU GPL v3 License (allows commercial use, but requires that modifications to your code stay open source, thus prohibiting proprietary forks of your project)


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

What is OWASP SeraphimDroid?
OWASP SeraphimDroid provides:


 * Documentation on how Android permissions can be misused
 * Security Android application
 * Application that keeps user secure and teaches him about risks

Presentation
OWASP Mobile Top 10 and OWASP Seraphimdroid

Project Leader
Nikola Milosevic [mailto:nikola.milosevic@owasp.org]

Related Projects

 * OWASP_Mobile_Project

Ohloh

 * https://www.ohloh.net/p/owasp-seraphimdroid


 * valign="top" style="padding-left:25px;width:200px;" |

Quick Download

 * Google Play: https://play.google.com/store/apps/details?id=org.owasp.seraphimdroid
 * Code: https://github.com/nikolamilosevic86/owasp-seraphimdroid

News and Events

 * (10.7.2015) OWASP Seraphimdroid is participating at OWASP Summer Code Sprint 2015

Classifications

 * }

=FAQs=


 * Q1
 * A1


 * Q2
 * A2

= Acknowledgements =

Volunteers
OWASP SeraphimDroid is developed by a worldwide team of volunteers. The primary contributors to date have been:


 * Nikola Milosevic
 * Aleksandar Abu Samra
 * Chetan Karande
 * Ali Tekeoglu
 * Furquan Ahmed

Others

 * xxx

= Road Map and Getting Involved = As of SeraphimDroid, the priorities are:
 * MVP development of Android security application with educational content
 * Documenting approaches taken during the development
 * Try to publish some papers
 * Further development and improvement

Involvement in the development and promotion of SeraphimDroid is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
 * Help coding open source security app
 * Write project documentation
 * Research possible permission misuse

If you want to contribute please contact project leader Nikola Milosevic [mailto:nikola.milosevic@owasp.org]

=Project About=