~/hackyfeed
> cat /dev/github | grep security-tools
discovered 30 Mar 2026

quark-engine

Python ★ 1652 via github-topic
→ View on GitHub

AI Summary: Quark Engine is a comprehensive tool designed for malware family analysis and vulnerability assessment, particularly in the context of Android malware. Its primary use case involves identifying and reporting on various malware behaviors and signatures, enabling security researchers to assess risks and improve defenses. Notable features include detailed analysis reports, a rule-based scoring system for malware, and compatibility with Python 3.10, making it accessible for developers and cybersecurity professionals.

README

Black Hat Arsenal Black Hat Arsenal HITB defcon
build status codecov license python version PyPi Download
Twitter

Malware Family Analysis Report Showcase

FamilySummarySignature BehaviorsReport
DroidKungFuPrivilege escalation with C2 control.1. Gain unlimited access to a device.
2. Install/Uninstall additional apps.
3. Forward confidential data.		View
GoldDreamSMS/call log exfiltration with remote C2 commands.1. Monitor SMS messages and phone calls.
2. Upload SMS messages and phone calls to remote servers.		View
SpyNoteCredential theft and device surveillance via RAT.1. Take screenshots.
2. Simulate user gestures.
3. Log user input.
4. Communicate with C2 servers.		View
DawDropperDropper that installs banking trojans for financial theft.1. Download APKs from remote servers.
2. Install additional APKs.		View
SLockerAndroid ransomware locking/encrypting devices.1. Lock the device with an overlay screen.View
PhantomCardNFC relay–based financial fraud.1. Communicate with C2 servers.
2. Read the payment data of NFC cards.
3. Captures PINs of NFC cards through deceptive screens.		View

Quick Start

Step 1. Install via PyPi

Install the latest version of Quark Engine:

$ pip3 install -U quark-engine

Step 2. Download Latest Rules

Fetch the latest rule database:

$ freshquark

Step 3. Run Summary Report

Analyze an APK with the downloaded rules and generate a summary report:

$ quark -a <apk_file> -s

Step 4. View Results

Example output: Screenshot-2025-11-25-22-36-54

Acknowledgments

The Honeynet Project

Honeynet.org logo

Google Summer Of Code

Quark-Engine has been participating in the GSoC under the Honeynet Project!

Stay tuned for the upcoming GSoC! Join the Honeynet Slack chat for more info.

Core Values of Quark Engine Team

  • We love battle fields. We embrace uncertainties. We challenge impossibles. We rethink everything. We change the way people think. And the most important of all, we benefit ourselves by benefit others first.
malware python