Ghera is an effort to create and maintain a repository of verifiable Android app vulnerability benchmarks. It is intended to enable reproducible Android security analysis research and improve developer awareness about vulnerabilities.


Rekha is a continuous effort to evaluate the effectiveness of Android app security analysis tools in detecting known vulnerabilities documented in Ghera repository. The artifacts from the first evaluation of freely available tools is available here. The manuscript describing the findings is available here.