We initially experimented with reverse engineering to explore vulnerabilities of our own apps. We learned how hackers find security gaps in our apps. Looking other apps on our phone, we also learned how seemingly legitimate apps invade our privacy.

DeepDive will continuously evolve to serve educational and ethical hacking needs. It currently integrates a half a dozen different reverse-engineering tools. This list of tools will be expanded to include new open source tools while maintaining existing tools.

Current Status

Google’s Developer Program Policies prohibit the reverse engineering of applications. While reverse-engineering is legal in the United States and the vast majority of countries around the world, Google has chosen to block apps like DeepDive from the Play Store. Consequently users are forced to side load the app, instructions here.

DeepDive targets Android 9 (API level 28) and run on devices with a minimum of Android 7.0 (API 24).

Roadmap

The current Android-based product line will be expanded to include a product that runs on Macintosh and Linux. While smartphones and tablets are impressive computers for their size and portability, the low-cost and computing power of a server is the ideal platform for DeepDive. We will be releasing details of a server foundation in the near future.

  • Project Storage > Allow project folders to be used on additional storage devices such as external sdcards and internal sdcards.
  • Lucene Enhancements > Replace manual search indexing with automated indexing. When files are created, modified or deleted, the Lucene index will be automatically updated.
  • Vulnerability SearchSet Library > An on-line library of SearchSets will be updated and maintained by Nuvolect and end users.
  • DeepDive-Server > The DeepDive product line will be expanded to run on Macintosh and Linux servers. The purpose is to leverage the computing power of a server while supporting an entire classroom of students.
  • Classroom Server > Build a server version specifically for the classroom that supports multi-account setup and maintenance functions.
  • Security Best Practices > Expand on App security best practices to include examples of what to do and what not to do with code examples.

Discussion and Feedback

We encourage your feedback and offer multiple communication channels.

For specific product bug and enhancement issues, we recommend the DeepDive Issues page.

You can also Contact Nuvolect directly.

Updated February 08, 2019