kikyps/GarudaDefender

Garuda Defender

An Android RASP project that protects mobile apps from any vulnerabilities.

#1 The First Indonesian Android Security Framework 🇮🇩.
#Cyber Security Solution.
#Since 2023 (Repository will always be overwritten).

Protection Feature Provided

Runtime Application Self-Protection

Feature | Description | Status
☑ Anti Hooking | Inline Hook, PLT Hook, Stackplz, Frida, jshook, Java Hook (xposed/lsposed, simple hook, pine, etc.) | Available
☑ Dynamic tamper detection (e.g. Code Patching) | Anti patch code, such as dex, libso, hermes engine (React Native). | Available
☑ Anti FRIDA | Detect any modified frida framework based on frida or strong frida. | Available
☑ Anti Stackplz | Detect Stackplz Android Tracing & Hooking. | Available
☑ Anti Debugging & Breakpoint (Java & Native) | Detects debugging attempts on your application through a wide variety of tools, including IDA PRO, Binary Ninja, GDB, ADB, etc. | Available
☑ Anti Emulation | String encryption is protected with anti-emulation mechanisms such as the unicorn engine and the qiling framework. | Available
☑ Root Detection | Resist root hiders like Shamiko, ZygiskNext, and other trick modules. | Available
☑ Certificate Signature Integrity | Certificate Signature anti-tamper app. (supports sign scheme v1, v2, v3) | Available
☑ Emulator/Virtual Machine Detection | Detect all types of emulators, such as gaming emulators and any Android virtual device; also supports detecting Android emulators such as VPhoneGaGa, Vmos, Virtual Master, F1VM (X8 Sandbox), twoyi. | Available
☑ Game Engine Protection "Anti Cheat" | Protecting Game Engine from tampering or hacking for anti game cheat based on (Unity, Unreal Engine, Cocos). | Available
☑ Memory Patch Detection | Anti Memory Patching, such as memory patcher framework, and GameGuardian. | Available
☑ Dalvik code patch detection | Anti tools patcher such as (LuckyPatcher, JasiPatcher, etc.), Anti modify without modifying the APK file. | Available
☑ Screen Protection | Anti ScreenShot, ScreenCapturing, ScreenRecording, and ScreenSharing. | Available
☑ Auto Clicker & Overlay attacks Detection | Protects the screen from malicious clickers, and prevents overlay attacks. | Available
☐ Fake GPS Detection | | Coming Soon

Code Protection

Feature | Status
☑ String Encryption (Java Layer Protection) | Available
☑ Control Flow Obfuscation (Java Layer Protection) | Available
☐ Obfuscate method and field names | Coming Soon

Network Communication Protection

Feature | Status
☑ HTTP Capture Detection | Available
☑ Certificate SSL Pinning | Available

Protection Mechanism

  • Realtime Protection
  • Protection is timeless and strictly protects content 360 degrees
  • Using Cryptography
  • Obfuscated Methods and Strings
  • Works fully offline

Changelog

New: support for encrypting static string fields.

See full changelog here

PREVIEW & DEMO

1. Control Flow Obfuscation

Protecting the application's business logic.

Before After

JADX failed to decompile

2. Emulator detection

Memu Emulator LDPlayer Emulator VPhoneGaGa Android Virtual/Emulator Mumu Emulator

I can't provide many example images for all emulator detection; you can try it yourself.

3. HTTP Capture Detection

A demo for Anti HTTP Capture
antihttpcapture.mp4

For Android

3.km_20241012_1080p_60f_20241012_171637.mp4

4. Certificate SSL Pinning (ANTI BYPASS)

How does this work so that it resists bypass?

It is a strong, private implementation built from scratch, and is not like existing certificate pinner libraries.

A demo for SSL Pinning
sslpin.mp4

5. Dalvik code patch detection

A demo for Dalvik code patch detection using LuckyPatcher
km_20241016_1080p_60f_20241016_181255.mp4

6. Auto Clicker & Overlay attacks Detection

A demo for Auto Clicker & Overlay attacks Detection
km_20241026_1080p_60f_20241026_214843.mp4

7. ScreenSharing Protection

A demo for ScreenSharing Protection
vid.mp4

8. Support Multi-Language

English Language Indonesian Language Russian Language Chinese Language

Supports 40 languages

Language Status
English
Indonesian
Chinese
Russian
Hindi
Turkish
German
Spanish
Italian
Portuguese
Dutch
French
Ukrainian
Kazakh
Japanese
Korean
Vietnamese
Thai
Filipino
Burmese
Polish
Arabic
Persian
Urdu
Afrikaans
Belarusian
Georgian
Uzbek
Lithuanian
Romanian
Estonian
Nepali
Latvian
Armenian
Azerbaijani
Danish
Norwegian
Greek
Slovak
Finnish

NOTE

  1. Emulator detection is more suitable for games. This feature is specifically for game developers who don't want their games to be played via an emulator for certain reasons.

  2. HTTP Capture detection and SSL Pinning are different but share the same goal of protecting network communications from malicious activities commonly conducted via MITM attacks. The difference between the two is that HTTP Capture detection directly identifies network capture activities such as HTTP, while SSL Pinning verifies the authenticity and integrity of the server’s SSL certificate.

  3. Screen Capture protection and Anti auto clicker are not activated in this demo app!

TODO

  • Fake GPS Detection.
  • Integration with servers for more convenient detection monitoring and control.
  • Built-in Anti-Malware (Threat detection from other applications, similar to what Play Protect does).

FAQ

1. Supports Most Android Versions

  • Supports Android 5.0 - 16 (API level 21 - 36).
  • Supports armeabi-v7a, arm64-v8a, x86 and x86_64.
  • Supports Android app frameworks (Flutter, React Native).

2. Extremely fast and modern vulnerability detection

Sometimes, expensive products out there have slow detection systems that consume a lot of resources. We confidently make this statement and are willing to compare the sophistication of our product against others, because we have conducted comparative research and obtained proven results.

Designed for extremely fast detection and high stability, with advanced algorithms that adapt to modern vulnerabilities, and tested intently and measurably.

Launch speed testing

Results will vary depending on device specifications!

3. Less RAM Consumption

Rich in features but still runs efficiently with minimal RAM usage without overhead and memory leaks.

Memory usage comparison

Comparison of memory usage on protected apk and unprotected apk

Unprotected APK Protected APK With Garuda Defender

Results will vary depending on device specifications!

Testing was carried out in debug mode; in theory, the figures for a release build should be lower than the results in the video.

4. Does not affect application performance

We employ the most effective methods to maintain the performance of the application. This framework ensures that the application remains fast and preserves the speed of app launch.

We don't use Shell/ClassLoader because we find it less efficient and it slows down the application launch. Decrypting and loading the dex files takes up considerable time, which contributes to the delay. Another drawback is that shells can be easily repackaged.

Instead, we opt for another approach to safeguard your Java source code, protecting the application's business logic from exposure and preserving the authenticity of its code.

5. Friendly with other applications and piracy tools

Some security framework providers block piracy tools or applications to prevent unwanted things. In our opinion, this is not friendly.

Therefore, our goal is that all such tools will be useless against our framework; there is no need to blindly block other applications that are not desired.

6. No Developer Option Blocker

One of the funniest things is why block the developer options?

GarudaDefender will handle everything without restricting your usage policies or disrupting the user experience.

7. No threats or viruses detected

This framework does not cause false detection as a virus. This increases the success rate of submitting applications to the Play Store.

8. No special android permissions required

You can analyze it yourself by opening AndroidManifest.xml and looking at uses-permission: there are no permissions used, so don't claim we are digging up your information!

Check Result

Download Demo APK

Download Demo

Limitations

  • At the moment, the framework only works for Android applications.
  • Currently in development for standalone deployment without the need for coding. If you need a demo in your application, please contact us, and we will integrate it into your app.

Lessons

Of course we are aware of and care about the security, authenticity, and robustness of our systems, so we continue to research modern vulnerabilities to maintain our security. We carry out rigorous analysis and testing from various angles to provide the best service for our users.

Interested?

This project is not available as open-source. If you are interested and want to build a business, we are open to it.

Contact:
r383425@proton.me
