Overview

ARTist is a flexible open source instrumentation and hybrid analysis framework for Android apps and Android’s Java middleware. It is based on the Android Runtime’s (ART) compiler and modifies code during on-device compilation.

ARTist blends particularly well into the Android app install mechanism because it does not change the app’s package (APK) file but just replaces the compiled native version, hence it preserves the package signature so that modified apps still receive updates.

Use cases

Depending on whether you just want to use ARTist as an applications to leverage existing instrumentation and analysis modules or if you want to actively develop using ARTist, there is documentation available for the different use cases:

  1. ARTist for Users explains how to use ready-made ARTist versions that are packages as Android apps (APK files). With these instructions, you can download & install ARTist and start trying it out immediately.
  2. ARTist for developers provides much more insight into the overall ARTist Ecosystem and explains how to setup your machine to get started with developing with and for ARTist.

Applications & Deployment

ARTist can be used to instrument arbitrary third party apps and Androids Java middleware layer (e.g., system server). When applied to apps, the ARTist compiler is shipped to a device via the ArtistGui app that provides the user with full control over the analysis and instrumentation of installed apps. Users can pick applications for recompilation so that the current modules can take effect. The app also allows to keep apps instrumented so that the recompilation step is repeated immediately after the target app is updated.

ARTist can also be used in custom ROMs to instrument apps when they are installed or even the middleware itself. Instead of deploying it to the application later using ArtistGui app, in this case ARTist replaces the system compiler so that it is automatically triggered as a part of the default toolchain to install applications. The middleware, however, is mostly compiled at first boot and after major system updates.

For more information about the different deployment options, have a look at the developer’s page.

Modularization

The true power of ARTist is leveraged by using its module framework. While ARTist only provides the framework, the actual business logic is implemented in different modules that can be chosen and combined. A module encapsules the implementation of a certain use case with all its dependencies. For more information on what exactly modules are and how to create them, please refer to the module page.

Typical use cases for ARTist modules include:

  1. Method hooking: Inline Reference Monitoring, method call tracing, …
  2. Debugging and analysis of third-party applications
  3. Customization of applications and the system

You can find ready-made module packages in our binary section. You can just download them to your device, import the module via ArtistGui and apply them to your apps.

For technical reasons, we currently do not support dynamic module loading when deploying ARTist as the system compiler (e.g., to instrument the system server).