first commit

Author: BitTheByte

.github/workflows/release.yml

@@ -0,0 +1,66 @@
+name: Manisec Release
+
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: write
+
+jobs:
+  build-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '21'
+
+      - name: Bump version
+        id: bump
+        run: |
+          python - <<'PY'
+          import os
+          import re
+          from pathlib import Path
+
+          pom = Path("pom.xml")
+          text = pom.read_text(encoding="utf-8")
+          m = re.search(r"(<version>)(\d+\.\d+\.\d+)(</version>)", text)
+          if not m:
+            raise SystemExit("Version not found in pom.xml")
+          major, minor, patch = map(int, m.group(2).split("."))
+          patch += 1
+          new_version = f"{major}.{minor}.{patch}"
+          text = text[:m.start(2)] + new_version + text[m.end(2):]
+          pom.write_text(text, encoding="utf-8")
+          print(new_version)
+          out = os.environ.get("GITHUB_OUTPUT")
+          if out:
+            with open(out, "a", encoding="utf-8") as f:
+              f.write(f"version={new_version}\n")
+          PY
+
+      - name: Build
+        run: mvn -DskipTests package
+
+      - name: Commit version bump
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add pom.xml
+          git commit -m "chore: bump version to ${{ steps.bump.outputs.version }}" || exit 0
+          git tag "manisec-${{ steps.bump.outputs.version }}"
+          git push origin HEAD --tags
+
+      - name: Release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: manisec-${{ steps.bump.outputs.version }}
+          name: Manisec ${{ steps.bump.outputs.version }}
+          files: target/manisec-${{ steps.bump.outputs.version }}.jar

.gitignore

@@ -0,0 +1,19 @@
+# Maven
+/target/
+
+# JVM
+*.class
+*.log
+hs_err_pid*
+
+# IDEs
+.idea/
+*.iml
+.classpath
+.project
+.settings/
+.vscode/
+
+# OS
+.DS_Store
+Thumbs.db

AGENTS.md

@@ -0,0 +1,31 @@
+# Repository Guidelines
+
+## Project Structure & Module Organization
+- `src/main/java/com/manifestsecurity/`: Java sources for the Jadx GUI plugin (scanner logic, UI, models).
+- `src/main/resources/`: plugin metadata and services registration (e.g., `META-INF/services/jadx.api.plugins.JadxPlugin`).
+- `pom.xml`: Maven build configuration and dependencies.
+- `target/`: build output (generated by Maven).
+
+## Build, Test, and Development Commands
+- `mvn -DskipTests package`: Build the plugin JAR without tests. Output: `target/manisec-<version>.jar`.
+- `mvn package`: Standard build; use once tests are added.
+- `mvn -q -DskipTests package`: Quiet build for CI logs.
+
+## Coding Style & Naming Conventions
+- Java 8 source/target (see `pom.xml`).
+- Indentation: 4 spaces; no tabs.
+- Naming: `PascalCase` for classes (e.g., `ManifestSecurityScanner`), `camelCase` for methods/fields, `UPPER_SNAKE_CASE` for constants.
+- Packages follow reverse-domain style: `com.manifestsecurity.*`.
+
+## Testing Guidelines
+- No automated test framework is configured yet.
+- If adding tests, place them under `src/test/java` and name classes `*Test` (e.g., `ManifestSecurityScannerTest`).
+- Prefer JUnit 5 for new tests unless project requirements change.
+
+## Commit & Pull Request Guidelines
+- No Git history is available in this workspace. Use concise, imperative commit messages (e.g., `Add exported component checks`).
+- PRs should include: a clear description, build instructions if changed, and screenshots for UI updates (e.g., report window changes).
+
+## Security & Configuration Tips
+- This plugin analyzes `AndroidManifest.xml` for security-relevant signals; keep new checks fast and deterministic.
+- When adding new findings, update both the scanner and UI rendering to keep results aligned.

README.md

@@ -0,0 +1,22 @@
+# Manisec
+
+Jadx plugin that scans `AndroidManifest.xml` for security-relevant signals 
+
+## Showcase
+![](assets/report.png)
+
+## Build
+```
+mvn -DskipTests package
+```
+Jar output:
+```
+target/manisec-<version>.jar
+```
+
+## Install (Jadx GUI)
+- **Plugins → Install plugin** and pick the jar.
+- Or install **Manisec** directly from the Jadx plugin store.
+
+## Usage
+- **Plugins → Manisec Report**

assets/report.png

@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.manifestsecurity</groupId>
+    <artifactId>manisec</artifactId>
+    <version>0.1.0</version>
+    <name>Manisec</name>
+
+    <properties>
+        <maven.compiler.source>1.8</maven.compiler.source>
+        <maven.compiler.target>1.8</maven.compiler.target>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.github.skylot</groupId>
+            <artifactId>jadx-core</artifactId>
+            <version>1.5.3</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>io.github.skylot</groupId>
+            <artifactId>jadx-gui</artifactId>
+            <version>1.5.3</version>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
+
+    <repositories>
+        <repository>
+            <id>google</id>
+            <url>https://dl.google.com/android/maven2/</url>
+        </repository>
+    </repositories>
+
+    <build>
+        <finalName>manisec-${project.version}</finalName>
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.11.0</version>
+                <configuration>
+                    <source>${maven.compiler.source}</source>
+                    <target>${maven.compiler.target}</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <version>3.3.0</version>
+                <configuration>
+                    <archive>
+                        <manifest>
+                            <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+                        </manifest>
+                        <manifestEntries>
+                            <Implementation-Title>Manisec</Implementation-Title>
+                            <Implementation-Version>${project.version}</Implementation-Version>
+                        </manifestEntries>
+                    </archive>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>

pom.xml

@@ -0,0 +1,67 @@
+package com.manifestsecurity;
+
+import com.manifestsecurity.report.ReportModel;
+import com.manifestsecurity.ui.ManifestNavigator;
+import com.manifestsecurity.ui.ManifestSecurityDialog;
+import jadx.api.JadxDecompiler;
+import jadx.api.plugins.JadxPlugin;
+import jadx.api.plugins.JadxPluginContext;
+import jadx.api.plugins.JadxPluginInfo;
+import jadx.api.plugins.JadxPluginInfoBuilder;
+import jadx.api.plugins.gui.JadxGuiContext;
+
+import javax.swing.JFrame;
+import javax.swing.SwingWorker;
+public class ManifestSecurityPlugin implements JadxPlugin {
+    private final ManifestSecurityService service = new ManifestSecurityService();
+    private JadxDecompiler decompiler;
+    private JadxGuiContext guiContext;
+    private ManifestSecurityDialog dialog;
+
+    @Override
+    public JadxPluginInfo getPluginInfo() {
+        return JadxPluginInfoBuilder.pluginId("manisec")
+                .name("Manisec")
+                .description("Manifest security analysis with navigable findings")
+                .build();
+    }
+
+    @Override
+    public void init(JadxPluginContext context) {
+        this.decompiler = context.getDecompiler();
+        this.guiContext = context.getGuiContext();
+        if (guiContext != null) {
+            guiContext.addMenuAction("Manisec Report", this::openReport);
+        }
+    }
+
+    private void openReport() {
+        if (decompiler == null || guiContext == null) {
+            return;
+        }
+        JFrame frame = guiContext.getMainFrame();
+        SwingWorker<ReportModel, Void> worker = new SwingWorker<ReportModel, Void>() {
+            @Override
+            protected ReportModel doInBackground() {
+                return service.analyze(decompiler);
+            }
+
+            @Override
+            protected void done() {
+                try {
+                    ReportModel report = get();
+                    if (dialog != null) {
+                        dialog.setVisible(false);
+                        dialog.dispose();
+                    }
+                    ManifestNavigator navigator = new ManifestNavigator(decompiler, guiContext, report.getManifestSource());
+                    dialog = new ManifestSecurityDialog(frame, report, navigator);
+                    dialog.showWindow();
+                } catch (Exception ignored) {
+                }
+            }
+        };
+        worker.execute();
+    }
+
+}