You will get Android APK Security Audit & Malware Analysis Report
Project details
I perform in-depth Android APK security audits
combining static analysis with ML-powered malware
detection — giving you a clear threat assessment
of any Android application with actionable findings.
Unlike basic antivirus scans, my analysis goes
deeper — decompiling the APK, extracting
permissions, API calls, and strings, then running
extracted features through a trained ML
classification model to detect malware families,
suspicious behaviour patterns, and hidden threats
that signature-based tools miss.
Every analysis is conducted on real malware
samples — not synthetic data. My detection
pipeline is built and tested against actual
Android threats including banking trojans,
spyware, adware, and RATs.
Deliverables include a full technical report
with threat classification, permission risk
ratings, indicators of compromise (IOCs),
behaviour mapping, and clear remediation
recommendations — suitable for developers,
security teams, and compliance purposes.
Tools: Python · Scikit-Learn · TensorFlow ·
Androguard · APKTool · JADX · MobSF
Framework: OWASP Mobile Top 10 · MASVS
combining static analysis with ML-powered malware
detection — giving you a clear threat assessment
of any Android application with actionable findings.
Unlike basic antivirus scans, my analysis goes
deeper — decompiling the APK, extracting
permissions, API calls, and strings, then running
extracted features through a trained ML
classification model to detect malware families,
suspicious behaviour patterns, and hidden threats
that signature-based tools miss.
Every analysis is conducted on real malware
samples — not synthetic data. My detection
pipeline is built and tested against actual
Android threats including banking trojans,
spyware, adware, and RATs.
Deliverables include a full technical report
with threat classification, permission risk
ratings, indicators of compromise (IOCs),
behaviour mapping, and clear remediation
recommendations — suitable for developers,
security teams, and compliance purposes.
Tools: Python · Scikit-Learn · TensorFlow ·
Androguard · APKTool · JADX · MobSF
Framework: OWASP Mobile Top 10 · MASVS
Machine Learning Tools
MATLAB, pandas, Python, scikit-learnWhat's included
| Service Tiers |
Starter
$50
|
Standard
$100
|
Advanced
$200
|
|---|---|---|---|
| Delivery Time | 2 days | 3 days | 5 days |
Number of Revisions | 1 | 2 | 3 |
Number of Model Variations | 1 | 2 | 3 |
Number of Scenarios | 1 | 3 | 5 |
Number of Graphs/Charts | 2 | 4 | 6 |
Model Validation/Testing | |||
Model Documentation | - | ||
Data Source Connectivity | - | - | |
Source Code | - | - |
About Satheesh
Web Application & API Security Analyst | VAPT | Bug Bounty Researcher
Male, Maldives - 9:39 am local time
vulnerabilities in web applications and APIs —
delivering professional VAPT reports with CVSS
ratings, CWE classifications, and actionable
remediation guidance.
Active bug bounty researcher on Intigriti, HackerOne,
and Bugcrowd with real-world experience testing live
production systems including government platforms.
Tools: Burp Suite · Kali Linux · ffuf · Subfinder ·
Nuclei · Postman
Framework: OWASP Top 10 2025 · CVSS v3.1 · CWE
Steps for completing your project
After purchasing the project, send requirements so Satheesh can start the project.
Delivery time starts when Satheesh receives requirements from you.
Satheesh works on your project following the steps below.
Revisions may occur after the delivery date.
APK Collection & Scope Review
Receive APK file, confirm authorization, define analysis scope and deliverables with client.
Static Feature Extraction (Script 1)
Using Androguard, I decompile the APK to extract the AndroidManifest.xml and classes.dex files. I specifically isolate 14 key feature vectors, including dangerous permission flags and API cross-references (XREFs).