Pithus is a free and open-source mobile threat intelligence platform for activists, journalists, NGOs, researchers...
Pithus is the answer to the exponential growth of mobile threats. Malicious apps, fake apps, data laundering are the main threats when it comes to mobile security. Their detection and analysis should be available for all and not the property of a private company. Unlike some commercial solutions with exorbitant prices, Pithus is a entirely open platform supported and maintained by the community. Threats such as permanent tracking and data laundering are made possible by the total lack of transparency and the lack of understanding around what and how data is gathered. Pithus brings transparency through clear and structured reports. Activists, journalists, NGOs, and any other technical community can easily generate these reports and leverage them to better understand the threat landscape.
If you have any question, feel free to contact us at pandora [at] pithus [dot] org or file an issue on Github.
You can also come talk to us on our Discord server.
If you would like to explore some of Pithus' features and have a real world example of how you can work with this tool, we have a TryHackMe room dedicated to Pithus. Try it here: https://tryhackme.com/room/androidmalwareanalysis.
For the moment, Pithus is maintained by only one person, support her! Pithus hosting costs 29€ per month.
Pithus is currently in beta and runs on a personal computer. The number of returned results is limited to 50. Pithus only does static analysis.
The Pandora myth is a kind of theodicy, addressing the question of why there is evil in the world. According to this, Pandora opened a jar (pithos) (commonly referred to as "Pandora's box") releasing all the evils of humanity.
Pithus analyses, which we want to be as comprehensive as possible, rely on multiple well-known tools such as:
Samples detected as malicious are automatically uploaded to MalwareBazaar.Under the hood, Pithus is based on: