[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-82976":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":9,"totalLinesOfCode":9,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":9,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":30,"readmeContent":31,"aiSummary":32,"trendingCount":16,"starSnapshotCount":16,"syncStatus":33,"lastSyncTime":34,"discoverSource":35},82976,"Duck-Detector-Refactoring","eltavine\u002FDuck-Detector-Refactoring","eltavine","Android environment integrity inspection tool for root, hook, bootloader, SELinux, virtualization, and attestation signals",null,"https:\u002F\u002Fgithub.com\u002Feltavine\u002FDuck-Detector-Refactoring","Kotlin",595,112,6,4,0,28,36,38,84,10.16,false,"main",[25,26,27,28,29],"android","bootloader","magisk-detection","root-detection","lsposeed","2026-06-12 02:04:29","\u003Cp align=\"center\">\n  \u003Cimg src=\"logo.png\" alt=\"DuckDetector Logo\" width=\"600px\">\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feltavine\u002FDuck-Detector-Refactoring\u002Fstargazers\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Feltavine\u002FDuck-Detector-Refactoring?style=social\" alt=\"Stars\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feltavine\u002FDuck-Detector-Refactoring\u002Fnetwork\u002Fmembers\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fforks\u002Feltavine\u002FDuck-Detector-Refactoring?style=social\" alt=\"Forks\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feltavine\u002FDuck-Detector-Refactoring\u002Freleases\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002Feltavine\u002FDuck-Detector-Refactoring?style=flat-square&logo=github\" alt=\"Releases\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feltavine\u002FDuck-Detector-Refactoring\u002Freleases\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fdownloads\u002Feltavine\u002FDuck-Detector-Refactoring\u002Ftotal?style=flat-square\" alt=\"Downloads\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Ft.me\u002Fduck_detector\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FTelegram-Channel-2CA5E0?logo=telegram&logoColor=white&style=flat-square\" alt=\"Telegram\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feltavine\u002FDuck-Detector-Refactoring\u002Fblob\u002Fmain\u002FLICENSE\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002Feltavine\u002FDuck-Detector-Refactoring?style=flat-square\" alt=\"License\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cstrong>\u003Ca href=\"README.MD\">English\u003C\u002Fa>\u003C\u002Fstrong> &nbsp; \u003Cstrong>\u003Ca href=\"README_ZH.MD\">简体中文\u003C\u002Fa>\u003C\u002Fstrong>\n\u003C\u002Fp>\n\n\u003Ch4 align=\"center\">\n  \u003Cstrong>DuckDetector is the ultimate open-source, on-device Android security tool for auditing Bootloader, Root, SU, and KeyStore Attestation.\u003C\u002Fstrong>\n\u003C\u002Fh4>\n\n# 📖 Description\nDuckDetector is an Android security detection application focusing on local, on-device evidence collection. It is designed to identify Root-related tampering, runtime Hooks, Mount operations, KeyStore integrity (Attestation Trust), and virtualized execution environments. This application combines a Jetpack Compose UI interface, modular Kotlin detection packages, and low-level C++ \u002F assembly probes to present detailed detection results, method coverage, and scanning status summaries through structured cards.\n\n# ⚠️ Development Rules\n> Please read the [DuckDetector coding standards](.\u002FCODING_STANDARDS.md) before submitting changes to the codebase, workflows, or git history.\n\n# ✨ Highlights\n * **Modular Architecture**: Features independent modules with specific functions; each module includes its own exclusive Repository, Mapper, ViewModel, and card UI.\n * **Native Preload**: Implements low-level early preloading via a transparent NativeActivity launcher to capture extremely early mount points and virtualization traces.\n * **Native Probes**: Utilizes system-call (Syscall) level, time-sensitive, mount, and runtime visibility checks implemented in C++ and Assembly.\n * **Cross-Process & Isolated Process Validation**: Co-validates across multiple processes and isolated processes (Isolated Process) to minimize reliance on a single signal.\n * **Local & Privacy-First**: By default, TEE revocation checks use a built-in static snapshot. It only accesses the network when the user manually enables \"Online Refresh\" in settings.\n# 🔍 Detector Coverage\nThe app currently supports heuristic detection in the following security domains:\n> Bootloader · Custom ROM · Dangerous Apps · Kernel Check · LSPosed · Memory · Mount · Native Root · Play Integrity Fix · SELinux · SU · System Properties · TEE · Virtualization · Zygisk\n> \nIn addition, the project contains helper modules such as dashboard, settings, and deviceinfo to provide data aggregation, user controls, and device context visualization.\n# 📱 Compatibility\n\n| Dimension \u002F Target | Notes |\n| :--- | :--- |\n| **Android Version** | Supports Android 10+ (minSdk 29), built based on targetSdk 37 \u002F compileSdk 37.0. |\n| **Architecture (ABI)** | Low-level probes are implemented via the NDK layer; some low-level trap paths are optimized primarily for the arm64-v8a architecture. |\n| **Environment Requirements** | Runs without root permissions, suitable for stock official systems as well as various customized\u002Fmodified environments. |\n| **Coverage Performance** | When OEM manufacturers or strict sandbox rules restrict access, some checks may downgrade to support, unavailable, or low-coverage status. |\n| **Network Dependency** | Completely local by default. Built-in TEE revocation credentials run offline, generating traffic only during a manual network refresh. |\n\n## 🎨 User Interface\n * **Compose Dashboard**: Includes detection cards, scan status summaries, top findings, and detailed expandable rows.\n * **Consistent Card Design**: A unified shared card style ensures excellent readability for long labels, detection statuses, and evidence strings across different modules.\n * **Independent Settings & Info Streams**: Separates advanced controls and environmental context from the main detection logic to keep the interface clean.\n## 📁 Architecture Snapshot\n```text\nDuck-Detector-Refactoring\u002F\n├─ app\u002F\n│  ├─ src\u002Fmain\u002Fjava\u002Fcom\u002Feltavine\u002Fduckdetector\u002F\n│  │  ├─ core\u002F            # Core common components and foundations\n│  │  ├─ features\u002F        # Individual detection feature modules\n│  │  └─ ui\u002F              # Global common UI and themes\n│  └─ src\u002Fmain\u002Fcpp\u002F       # Low-level C++ \u002F Assembly probe source code\n├─ build-logic\u002F           # Gradle composite build logic\n├─ gradle\u002F                # Gradle wrapper configuration\n├─ scripts\u002F               # Automation or helper scripts\n├─ build.gradle.kts\n└─ settings.gradle.kts\n```\nMost detection feature modules (features) strictly follow this clear package structure:\n * **domain**: Data models for reports and results (Models).\n * **data**: Repositories, probes, native bridges, and system service helpers.\n * **presentation**: Data mappers and UI-state reducers.\n * **ui**: Detection card components and module-specific UI models.\n> 💡 All native probes are located under app\u002Fsrc\u002Fmain\u002Fcpp and are ultimately compiled into a single shared dynamic link library (.so). This is used for preload capture, mount checks, virtualization snapshots, renderer validation, and low-level trap path interceptions.\n> \n## 🛠️ Build\n### Requirements\n * **Android Studio** (Latest stable version recommended)\n * Android SDK 37.0 & Android Build Tools 37.0.0\n * **JDK** 17\n * Android **NDK** 30.0.14904198\n * **CMake** 4.1.2\n### Build Commands\n**Compile Debug Version:**\n```bash\n# Windows environment\ngradlew.bat :app:assembleDebug\n# Linux \u002F macOS environment\n.\u002Fgradlew :app:assembleDebug\n```\n**Daily Development Validation Command (Recommended):**\n```bash\n# Validate Kotlin compilation, run unit tests, and package the app\n.\u002Fgradlew :app:compileDebugKotlin :app:testDebugUnitTest :app:assembleDebug\n```\n> 🔐 **Signing Note**: Automatic signing for the Release version is controlled by the environment variables ANDROID_KEYSTORE_PATH, ANDROID_KEYSTORE_PASSWORD, ANDROID_KEY_ALIAS, and ANDROID_KEY_PASSWORD. When these four variables are fully present, the build system will automatically enable the ciRelease signing configuration.\n> \n## 🔒 Privacy & Limits\n * **Localized Security**: Detection logic runs primarily locally on the device; it does not collect or upload your sensitive private data.\n * **Non-Intrusive**: The app itself **does not** require root privileges to function properly.\n * **Heuristic Detection**: All security detections are based on heuristic algorithms. No single signal should be relied upon in isolation as absolute proof of trustworthiness.\n * **Hardware & Vendor Restrictions**: Due to OEM policies or sandbox rules, some probes may report downgraded statuses on specific models. Certain low-level checks rely strictly on the arm64-v8a ABI architecture.\n## 📈 Status & Stars\n\n\u003Cp>\n  \u003Cimg src=\"https:\u002F\u002Fapi.star-history.com\u002Fsvg?repos=eltavine\u002FDuck-Detector-Refactoring&type=Date\" alt=\"Star History Chart\" width=\"600\">\n\u003C\u002Fp>\n\n## ⚖️ Disclaimer\nThis software is provided \"as is\", without warranty of any kind. It is designed for educational, diagnostic, and security research purposes only. The developers assume no liability for direct or indirect damage, data loss, or system instability resulting from use of this application. Relying on heuristic security detection is at your own risk.\n\n## 📄 License\nThis project is open-sourced under the Apache License 2.0.\n\n## 👥 Contributors\n\n### Code Contributors\n\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feltavine\u002FDuck-Detector-Refactoring\u002Fgraphs\u002Fcontributors\">\n  \u003Cimg src=\"https:\u002F\u002Fcontrib.rocks\u002Fimage?repo=eltavine\u002FDuck-Detector-Refactoring\" alt=\"Contributors\" \u002F>\n\u003C\u002Fa>\n\n### Special Thanks\n\n\u003Cp>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Faviraxp\" title=\"aviraxp\">\u003Cimg src=\"https:\u002F\u002Fimages.weserv.nl\u002F?url=https:\u002F\u002Fgithub.com\u002Faviraxp.png&w=64&h=64&mask=circle\" width=\"64\" height=\"64\" alt=\"aviraxp\">\u003C\u002Fa>\n  &nbsp;\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002F5ec1cff\" title=\"5ec1cff\">\u003Cimg src=\"https:\u002F\u002Fimages.weserv.nl\u002F?url=https:\u002F\u002Fgithub.com\u002F5ec1cff.png&w=64&h=64&mask=circle\" width=\"64\" height=\"64\" alt=\"5ec1cff\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n","DuckDetector 是一款针对Android设备的环境完整性检查工具，主要用于检测Root、Hook、Bootloader状态、SELinux配置、虚拟化环境以及密钥存储认证信号。该项目采用Kotlin语言开发，结合了Jetpack Compose UI界面和模块化的检测包设计，同时利用C++\u002F汇编级别的探针技术来实现深层次的安全审计。其核心功能包括但不限于：模块化架构支持独立功能组件的灵活组合；通过原生预加载机制捕捉早期挂载点与虚拟化痕迹；跨进程及隔离进程验证确保多维度信号校验。DuckDetector适用于需要对移动应用运行时安全性和环境完整性进行评估的场景，如企业级移动安全管理或个人隐私保护等。",2,"2026-06-11 04:09:47","trending"]