Pithus is a free and open-source mobile threat intelligence platform for activists, journalists, NGOs, researchers…
Pithus is the answer to the exponential growth of mobile threats. Malicious apps, fake apps, and data laundering are the main threats when it comes to mobile security. Their detection and analysis should be available to all and not the property of a private company. Unlike some commercial solutions with exorbitant prices, Pithus is an entirely open platform supported and maintained by the community. Threats such as permanent tracking and data laundering are made possible by the total lack of transparency and the lack of understanding around what data is gathered and how. Pithus brings transparency through clear and structured reports. Activists, journalists, NGOs, and any other technical community can easily generate these reports and leverage them to better understand the threat landscape.
General features
- Domain name analysis: extract and analyze domain names from the APK
- Permissions detection: get insights on permissions required by the application
- Certificates information: get information on signing certificates
- Activities, services, receivers, ...: identify the different entry points of the application
- Download sample & export report: log in and click on the buttons!
Threat intel
- Search: find samples by using the Lucene query language
- Fingerprints: search by SHA-x and pivot on UAID, ssdeep or dexofuzzy hashes
- Hunt & Retro-hunt: import your rule sets to hunt malware
- Pivot: quickly pivot on various indicators such as domain, certificate and more
- VT & MalwareBazaar: get information from other threat intelligence providers
- Sample life timeline: get insights on the sample lifespan, birth and death
- Similar samples: find similar samples based on binary fuzzy hashing