Quark-Engine

Forensics & Incident Response

An Obfuscation-Neglect Android Malware Scoring System.

Track releases GitHub Website

Python Latest v26.6.1 · 11h ago Security brief →

Features

Generates detailed malware family analysis reports
Provides signature behavior summaries for Android threats
Offers links to view per‑family rule documentation

Recent releases

View all 12 releases →

Monitor

v26.6.1 Feature 11h

New malware detection rules

Open

v26.5.1 Bug fix 28d

Notable features

Added Quark rules for Antidot, Arsink, and TrickMo malware families

Full changelog

Rule Enhancement

Add new Quark rules for the Antidot, Arsink, and TrickMo malware families. (#903, #907, and #909)

Bug Fixes

Separate filled-new-array parsing from invoke-kind handling to avoid incorrect bytecode classification. (#867 and #886)

View release on GitHub

v26.4.1 Bug fix 1mo

⚠ Upgrade required

Bumped Flask dependency from 2.2.5 to 3.1.3

Notable features

Added analysis report for Hydra malware family
Added analysis report for SharkBot malware family

Full changelog

Document Enhancements

Add analysis report for Hydra malware family. (#892)
Add analysis report for SharkBot malware family. (#900)

Bug Fixes

Fix issues where type-casting and invoke-polymorphic instructions were skipped during analysis. Thanks to @dolamroth. (#872 and #874)
Fix incorrect type hints in helper functions. Thanks to @dolamroth. (#885)
Fix incomplete tracking of registers holding array objects. (#890)

Dependency Update

Bump Flask from 2.2.5 to 3.1.3. (#865)

View release on GitHub

v26.3.1 New feature 2mo

Notable features

Add a safe DEX checksum auto-repair flow for androguard-based parsing

Full changelog

Performance Improvement

Record register usage instead of full state to reduce memory usage. (#845)

Document Enhancement

Add an analysis report for the ToxicPanda malware family. (#863)

New Feature

Add a safe DEX checksum auto-repair flow for androguard-based parsing. (#866)

View release on GitHub

v26.2.1 New feature 3mo

Notable features

Support for handling semi-corrupted Android APKs

Full changelog

Dependency Update

Bump requests max version to 2.32.3. (#856)

Document Enhancement

Reconstruct documentation. (#857)

New Feature

Add support for handling semi-corrupted Android APKs (#859)

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

J

A

S

O

N

D

J

F

M

A

M

J

Cadence 0.3 / wk

Last release 0d

Churn +606 / −153 lines · 7 files · 7 commits

Tracked 12

Security

Full profile →

Security score 7.8/10

OpenSSF —

Open CVEs 0

Active maintainer

Community

GitHub stars 1,679

Forks 202

Open issues 79

Open PRs 20

Stars/wk velocity 0.0

About

Stars

1,679

Forks

202

Languages

Python HTML Shell

View on GitHub Homepage Documentation

Similar tools

Flare

grisuno/LazyOwn

hyperb1iss/droidmind

About

Stars

1,679

Forks

202

Languages

Python HTML Shell

View on GitHub Homepage Documentation

Similar tools

Flare

grisuno/LazyOwn

hyperb1iss/droidmind

Beta — feedback welcome: [email protected]