DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
This release includes an optimization for tainting, which is described in the DECAF++ paper. It also fixes a bug in pointer tainting, and other small issues. The documentation has also been improved. It includes more wiki pages about some implementation details.
include dockerfile to automatically build a docker image for decaf. fix an issue related to incorrect callback handling that can cause system hang.