linkedin / qark

Tool to look for several security related Android application vulnerabilities

Qark does not detect a number of vulnerabilities #90

Closed JoyMitra closed 6 years ago

JoyMitra commented 7 years ago

Hi,

I am evaluating Android security tools as part of my research. I am measuring each tool's effectiveness against a benchmark (https://bitbucket.org/secure-it-i/android-app-vulnerability-benchmarks). My experiments suggest that Qark detected only 2 out of the 25 vulnerabilities in that benchmark. The benchmarks detected successfully by Qark were:

All other benchmarks were not detected. Please visit the benchmark URL mentioned above to get a complete list of the vulnerability benchmarks.

Please let me know if you want more details about my experiment and how it was conducted.

sarveshkapre commented 7 years ago

Hey,

Thank you for sharing your valuable feedback. We have reviewed all the benchmarks from the Ghera repo and updated Qark to detect all the high impact issues.

Cheers 👍

JoyMitra commented 7 years ago

Hey,

Thanks for getting back. Will I get the updated version from the master branch?

sarveshkapre commented 7 years ago

Yes. All the changes are merged in the master branch. We will also be updating more checks in the next few days.

neilatli commented 7 years ago

Hi @JoyMitra, thanks for your valuable contribution to this area of research!

We have merged all of the new checks into the master branch and as @sarveshkapre mentioned, Qark is now detecting all of the high impact issues in Ghera.

Please feel free to retest Qark and let us know if your results vary.

JoyMitra commented 7 years ago

@neilatli, Thanks for getting back. Can you please let me know the commit id I need to check out?

nwalsh-lnk commented 6 years ago

These checks were added under the plugins folder. Please check there to see the added checks. Closing.