From 8f7c8db6db00e817a9e809ab8232371fd9967ef0 Mon Sep 17 00:00:00 2001
From: evilcel3ri <evilcel3ri@email>
Date: Fri, 24 Mar 2023 13:16:09 +0100
Subject: [PATCH 1/8] Removing sha for dexo_func + adding |safe to
 dexofuzzy_hash

---
 bazaar/core/utils.py                          | 3 ++-
 bazaar/front/forms.py                         | 2 +-
 bazaar/templates/front/report/m_androcfg.html | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/bazaar/core/utils.py b/bazaar/core/utils.py
index 4348a0b..594a86a 100644
--- a/bazaar/core/utils.py
+++ b/bazaar/core/utils.py
@@ -240,7 +240,8 @@ def get_matching_items_by_ssdeep(ssdeep_value, threshold_grade, index, sha256):
     return sha256_list_to_return
 
 
-def get_matching_items_by_ssdeep_func(ssdeep_value, threshold_grade, index, sha256):
+def get_matching_items_by_ssdeep_func(ssdeep_value, threshold_grade, index):
+    ssdeep_value = ssdeep_value.replace(" ", "+").replace("%2F", "/")
     chunksize, chunk, double_chunk = ssdeep_value.split(':')
     chunksize = int(chunksize)
     es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
diff --git a/bazaar/front/forms.py b/bazaar/front/forms.py
index 60f8e6b..b976d03 100644
--- a/bazaar/front/forms.py
+++ b/bazaar/front/forms.py
@@ -48,7 +48,7 @@ def do_search(self, sha=''):
             if algorithm == 'ssdeep':
                 results = get_matching_items_by_ssdeep(hash, 25, settings.ELASTICSEARCH_SSDEEP_APK_INDEX, sha)
             if algorithm == 'func_hash':
-                results = get_matching_items_by_ssdeep_func(hash, 25, settings.ELASTICSEARCH_APK_INDEX, sha)
+                results = get_matching_items_by_ssdeep_func(hash, 25, settings.ELASTICSEARCH_APK_INDEX)
 
         except Exception as e:
             print(e)
diff --git a/bazaar/templates/front/report/m_androcfg.html b/bazaar/templates/front/report/m_androcfg.html
index b48c406..079c9e4 100644
--- a/bazaar/templates/front/report/m_androcfg.html
+++ b/bazaar/templates/front/report/m_androcfg.html
@@ -15,7 +15,7 @@ <h4>{{ r.rule.title }}</h4>
                 <li>
                   <a class="btn btn-sm btn-link p-0 text-decoration-none" target="_blank"
                      href="{% url "front:get_andgrocfg_code" sha256 f.evidence_file %}">{{f.call_by}}</a>
-                <a class="btn btn-sm btn-link p-0 text-decoration-none" href="{% url 'front:similarity_search' %}?hash={{ f.dexofuzzy_hash }}&algorithm=func_hash">
+                <a class="btn btn-sm btn-link p-0 text-decoration-none" href="{% url 'front:similarity_search' %}?hash={{ f.dexofuzzy_hash|safe }}&algorithm=func_hash">
                 <i class="nf nf-oct-search"></i></a>
                 </li>
                 {% endfor %}

From 7858f202d11677ee6c29e3aceea12600a0ba14e1 Mon Sep 17 00:00:00 2001
From: evilcel3ri <evilcel3ri@email>
Date: Mon, 27 Mar 2023 16:42:22 +0200
Subject: [PATCH 2/8] final fix

---
 bazaar/core/utils.py                          | 2 --
 bazaar/templates/front/report/m_androcfg.html | 6 +++---
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/bazaar/core/utils.py b/bazaar/core/utils.py
index 594a86a..0c1dbf0 100644
--- a/bazaar/core/utils.py
+++ b/bazaar/core/utils.py
@@ -22,7 +22,6 @@
 from scipy.spatial.distance import pdist
 import pandas as pd
 
-
 def get_sha256_of_file_path(file_path):
     sha256_hash = hashlib.sha256()
     with open(file_path, "rb") as f:
@@ -241,7 +240,6 @@ def get_matching_items_by_ssdeep(ssdeep_value, threshold_grade, index, sha256):
 
 
 def get_matching_items_by_ssdeep_func(ssdeep_value, threshold_grade, index):
-    ssdeep_value = ssdeep_value.replace(" ", "+").replace("%2F", "/")
     chunksize, chunk, double_chunk = ssdeep_value.split(':')
     chunksize = int(chunksize)
     es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
diff --git a/bazaar/templates/front/report/m_androcfg.html b/bazaar/templates/front/report/m_androcfg.html
index 079c9e4..1248df3 100644
--- a/bazaar/templates/front/report/m_androcfg.html
+++ b/bazaar/templates/front/report/m_androcfg.html
@@ -14,9 +14,9 @@ <h4>{{ r.rule.title }}</h4>
               {% for f in r.findings %}
                 <li>
                   <a class="btn btn-sm btn-link p-0 text-decoration-none" target="_blank"
-                     href="{% url "front:get_andgrocfg_code" sha256 f.evidence_file %}">{{f.call_by}}</a>
-                <a class="btn btn-sm btn-link p-0 text-decoration-none" href="{% url 'front:similarity_search' %}?hash={{ f.dexofuzzy_hash|safe }}&algorithm=func_hash">
-                <i class="nf nf-oct-search"></i></a>
+                    href="{% url "front:get_andgrocfg_code" sha256 f.evidence_file %}">{{f.call_by}}</a>
+                  <a class="btn btn-sm btn-link p-0 text-decoration-none" href="{% url 'front:similarity_search' %}?hash={{ f.dexofuzzy_hash|urlencode }}&algorithm=func_hash">
+                  <i class="nf nf-oct-search"></i></a>
                 </li>
                 {% endfor %}
             </ul>

From a5d1c80cc0f75401c9287773f0bd341f1f1673d3 Mon Sep 17 00:00:00 2001
From: evilcel3ri <evilcel3ri@email>
Date: Wed, 29 Mar 2023 16:53:52 +0200
Subject: [PATCH 3/8] Boiler plate compare

---
 bazaar/front/urls.py                         |  5 ++--
 bazaar/front/view.py                         | 13 ++++++++++
 bazaar/templates/front/compare_analysis.html | 25 ++++++++++++++++++++
 3 files changed, 41 insertions(+), 2 deletions(-)
 create mode 100644 bazaar/templates/front/compare_analysis.html

diff --git a/bazaar/front/urls.py b/bazaar/front/urls.py
index 57a67ef..b0cbf28 100644
--- a/bazaar/front/urls.py
+++ b/bazaar/front/urls.py
@@ -3,7 +3,7 @@
 
 from bazaar.front.view import HomeView, ReportView, basic_upload_view, similarity_search_view, export_report_view, \
     download_sample_view, my_rules_view, my_rule_edit_view, my_rule_create_view, my_rule_delete_view, og_card_view, \
-    my_retrohunt_view, get_andgrocfg_code, get_genom, basic_url_download_view
+    my_retrohunt_view, get_andgrocfg_code, get_genom, basic_url_download_view, compare_analysis_view
 
 app_name = "front"
 urlpatterns = [
@@ -23,5 +23,6 @@
     path("rules/<str:uuid>/delete", view=my_rule_delete_view, name="my_rule_delete"),
     path("rules/<str:uuid>/retro", view=my_retrohunt_view, name="my_rule_retro"),
     path("androcfg/<str:sha256>/<path:foo>", view=get_andgrocfg_code, name="get_andgrocfg_code"),
-    path("androcfg/all", view=get_genom, name="get_genom")
+    path("androcfg/all", view=get_genom, name="get_genom"),
+    path("compare/<str:left_sha>/to/<str:right_sha>", view=compare_analysis_view, name="compare_analysis")
 ]
diff --git a/bazaar/front/view.py b/bazaar/front/view.py
index da619fe..82c0836 100644
--- a/bazaar/front/view.py
+++ b/bazaar/front/view.py
@@ -511,3 +511,16 @@ def get_genom(request):
     response = HttpResponse('\n'.join(entire_genom), content_type='text/csv')
     response['Content-Disposition'] = f'inline; filename=pithus_genom.csv'
     return response
+
+
+def compare_analysis_view(request, left_sha, right_sha):
+    es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
+
+    try:
+        left_result = es.get(index=settings.ELASTICSEARCH_APK_INDEX, id=left_sha)['_source']
+        right_result = es.get(index=settings.ELASTICSEARCH_APK_INDEX, id=right_sha)['_source']
+    except Exception as e:
+        logging.exception(e)
+        return redirect(reverse_lazy('front:home'))
+
+    return render(request, 'front/compare_analysis.html', context={'left_analysis': left_result, 'right_analysis': right_result})
diff --git a/bazaar/templates/front/compare_analysis.html b/bazaar/templates/front/compare_analysis.html
new file mode 100644
index 0000000..34b5bbe
--- /dev/null
+++ b/bazaar/templates/front/compare_analysis.html
@@ -0,0 +1,25 @@
+{% extends "base.html" %}
+{% load static %}
+{% load crispy_forms_tags %}
+
+{% block whole_content %}
+<div class="bg-secondary p-4 mb-4">
+  <div class="container-fuild">
+    <div class="row justify-content-center">
+      <div class="col-md-12 text-center">
+        <h1 class="text-white">Compare two analysis</h1>
+      </div>
+
+      <div class="row justify-content-center">
+        it works
+      </div>
+    </div>
+
+    <div class="col">
+      {{left_analysis }}
+    </div>
+
+    <!-- container-->
+  </div>
+</div>
+{% endblock whole_content %}
\ No newline at end of file

From 61fa3a44e354956448e09ed07399453bb4fd6b14 Mon Sep 17 00:00:00 2001
From: evilcel3ri <evilcel3ri@email>
Date: Thu, 30 Mar 2023 16:26:13 +0200
Subject: [PATCH 4/8] save

---
 bazaar/templates/front/compare_analysis.html | 276 ++++++++++++++++++-
 1 file changed, 270 insertions(+), 6 deletions(-)

diff --git a/bazaar/templates/front/compare_analysis.html b/bazaar/templates/front/compare_analysis.html
index 34b5bbe..53ed5b8 100644
--- a/bazaar/templates/front/compare_analysis.html
+++ b/bazaar/templates/front/compare_analysis.html
@@ -14,12 +14,276 @@ <h1 class="text-white">Compare two analysis</h1>
         it works
       </div>
     </div>
-
-    <div class="col">
-      {{left_analysis }}
-    </div>
-
-    <!-- container-->
   </div>
+  <!-- container-->
 </div>
+
+<table class="table table-condensed">
+  <thead>
+    <tr>
+      <th></th>
+      <th>Left APK (report)</th>
+      <th>Right APK (report)</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td>
+        <p>Handle</p>
+      </td>
+      <td>
+        <p>{{ left_analysis.handle }}</p>
+      </td>
+      <td>
+        <p>{{ right_analysis.handle }}</p>
+      </td>
+    </tr>
+    <tr>
+      <td>
+        <p>App name</p>
+      </td>
+      <td>{{left_analysis.app_name}}</td>
+      <td>{{right_analysis.app_name}}</td>
+    </tr>
+    <tr>
+      <td>MD5</td>
+      <td>{{left_analysis.md5}}</td>
+      <td>{{right_analysis.md5}}</td>
+    </tr>
+    <tr>
+      <td>SHA1</td>
+      <td>{{left_analysis.sha1}}</td>
+      <td>{{right_analysis.sha1}}</td>
+    </tr>
+    <tr>
+      <td>SHA256</td>
+      <td>{{left_analysis.sha256}}</td>
+      <td>{{right_analysis.sha256}}</td>
+    </tr>
+    <tr>
+      <td>Size</td>
+      <td>{{left_analysis.size}}</td>
+      <td>{{right_analysis.size}}</td>
+    </tr>
+    <tr>
+      <td>Frosting data</td>
+      <td>
+        {% if left_analysis.frosting_data.is_frosted %}
+        <span class="badge badge-success">Frosted</span>
+        {% else %}
+        <span class="badge badge-danger">Not frosted</span>
+        {% endif %}
+        {% if d.frosting_data.v2_signature_blocks|length > 0 %}
+        <div class="small">
+          Blocks found within V2 signature:
+          <ul class="list-unstyled mt-0">
+            {% for elt in d.frosting_data.v2_signature_blocks %}
+            <li><samp>{{ elt.value }}</samp>: {{ elt.comment }}</li>
+            {% endfor %}
+          </ul>
+          {% endif %}
+      </td>
+      <td>
+        {% if right_analysis.frosting_data.is_frosted %}
+        <span class="badge badge-success">Frosted</span>
+        {% else %}
+        <span class="badge badge-danger">Not frosted</span>
+        {% endif %}
+        {% if d.frosting_data.v2_signature_blocks|length > 0 %}
+        <div class="small">
+          Blocks found within V2 signature:
+          <ul class="list-unstyled mt-0">
+            {% for elt in d.frosting_data.v2_signature_blocks %}
+            <li><samp>{{ elt.value }}</samp>: {{ elt.comment }}</li>
+            {% endfor %}
+          </ul>
+          {% endif %}
+      </td>
+    </tr>
+    <tr>
+      <td>
+        <p>Main activity</p>
+      </td>
+      <td>
+        <p>{{left_analysis.main_activity}}</p>
+      </td>
+      <td>
+        <p>{{right_analysis.main_activity}}</p>
+      </td>
+    </tr>
+    <tr>
+      <td>
+        <p>Activities</p>
+      </td>
+      <td>
+        <ul class="list-unstyled">
+          {% for activity in left_analysis.activities %}
+          <li>
+            <pre><code>{{activity}}</code></pre>
+          </li>
+          {% endfor %}
+        </ul>
+      </td>
+      <td>
+        <ul class="list-unstyled">
+          {% for activity in right_analysis.activities %}
+          <li>
+            <pre><code>{{activity}}</code></pre>
+          </li>
+          {% endfor %}
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td>Receivers</td>
+      <td>
+        <pre><code>{% for s in left_analysis.receivers %}{{ s }}<br>{% endfor %}</code></pre>
+      </td>
+      <td>
+        <pre><code>{% for s in right_analysis.receivers %}{{ s }}<br>{% endfor %}</code></pre>
+      </td>
+    </tr>
+    <tr>
+      <td>Services</td>
+      <td>
+        <pre><code>{% for s in left_analysis.services %}{{ s }}<br>{% endfor %}</code></pre>
+      </td>
+      <td>
+        <pre><code>{% for s in right_analysis.services %}{{ s }}<br>{% endfor %}</code></pre>
+      </td>
+    </tr>
+    <tr>
+      <td>APKiD</td>
+      {% for p in left_analysis.apkid|dictsort:"filename" %}
+      <td class=""><samp>{{ p.filename }}</samp>
+        {% for k, v in p.matches.items %}
+        {{ k }}
+        <ul class="list-unstyled">
+          {% for c in v %}
+          <li><samp>{{ c }}</samp></li>
+          {% endfor %}
+        </ul>
+        {% endfor %}
+        {% endfor %}
+      </td>
+      {% for p in right_analysis.apkid|dictsort:"filename" %}
+      <td class=""><samp>{{ p.filename }}</samp>
+        {% for k, v in p.matches.items %}
+        {{ k }}
+        <ul class="list-unstyled">
+          {% for c in v %}
+          <li><samp>{{ c }}</samp></li>
+          {% endfor %}
+        </ul>
+        {% endfor %}
+        {% endfor %}
+      </td>
+    </tr>
+    <tr>
+      <td>Certificate</td>
+      <td>
+        {% for c in left_analysis.certificates %}
+        <ul class="list-unstyled">
+          <li><samp>{{ c.fingerprint_md5 }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_md5 %}
+            <a class="btn btn-sm btn-link p-0 text-decoration-none"
+              href="{% url 'front:home' %}?q=cert_md5:{{ c.fingerprint_md5 }}" data-toggle="tooltip"
+              data-placement="top" title="Find similar samples">
+              <i class="nf nf-oct-search"></i>
+            </a>
+          </li>
+          <li><samp>{{ c.fingerprint_sha1 }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha1 %}
+            <a class="btn btn-sm btn-link p-0 text-decoration-none"
+              href="{% url 'front:home' %}?q=cert_sha1:{{ c.fingerprint_sha1 }}" data-toggle="tooltip"
+              data-placement="top" title="Find similar samples">
+              <i class="nf nf-oct-search"></i>
+            </a>
+          </li>
+          <li><samp>{{ c.fingerprint_sha256 }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha256 %}
+            <a class="btn btn-sm btn-link p-0 text-decoration-none"
+              href="{% url 'front:home' %}?q=cert_sha256:{{ c.fingerprint_sha256 }}" data-toggle="tooltip"
+              data-placement="top" title="Find similar samples">
+              <i class="nf nf-oct-search"></i>
+            </a>
+          </li>
+          <li><samp>{{ c.issuer }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.issuer %} </li>
+          <li><samp>{{ c.not_before }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_before %}
+          </li>
+          <li><samp>{{ c.not_after }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_after %}
+          </li>
+          {% endfor %}
+        </ul>
+      </td>
+      <td>
+        {% for c in right_analysis.certificates %}
+        <ul class="list-unstyled">
+          <li><samp>{{ c.fingerprint_md5 }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_md5 %}
+            <a class="btn btn-sm btn-link p-0 text-decoration-none"
+              href="{% url 'front:home' %}?q=cert_md5:{{ c.fingerprint_md5 }}" data-toggle="tooltip"
+              data-placement="top" title="Find similar samples">
+              <i class="nf nf-oct-search"></i>
+            </a>
+          </li>
+          <li><samp>{{ c.fingerprint_sha1 }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha1 %}
+            <a class="btn btn-sm btn-link p-0 text-decoration-none"
+              href="{% url 'front:home' %}?q=cert_sha1:{{ c.fingerprint_sha1 }}" data-toggle="tooltip"
+              data-placement="top" title="Find similar samples">
+              <i class="nf nf-oct-search"></i>
+            </a>
+          </li>
+          <li><samp>{{ c.fingerprint_sha256 }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha256 %}
+            <a class="btn btn-sm btn-link p-0 text-decoration-none"
+              href="{% url 'front:home' %}?q=cert_sha256:{{ c.fingerprint_sha256 }}" data-toggle="tooltip"
+              data-placement="top" title="Find similar samples">
+              <i class="nf nf-oct-search"></i>
+            </a>
+          </li>
+          <li><samp>{{ c.issuer }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.issuer %} </li>
+          <li><samp>{{ c.not_before }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_before %}
+          </li>
+          <li><samp>{{ c.not_after }}</samp>
+            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_after %}
+          </li>
+          {% endfor %}
+        </ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td>
+        <p>Permissions</p>
+      </td>
+      <td>
+        <ul class="list-unstyled">
+          {% for permission in left_analysis.permissions %}
+          <li>{{permission}}</li>
+          {% endfor %}
+        </ul>
+      </td>
+      <td>
+        <ul class="list-unstyled">
+          {% for permission in right_analysis.permissions %}
+          <li>{{permission}}</li>
+          {% endfor %}
+        </ul>
+      </td>
+    </tr>
+
+
+
+  </tbody>
+</table>
+{{left_analysis}}
+
+
 {% endblock whole_content %}
\ No newline at end of file

From 3ca82560ae730b7878708b4d3574c40a15563669 Mon Sep 17 00:00:00 2001
From: evilcel3ri <evilcel3ri@email>
Date: Fri, 31 Mar 2023 18:10:07 +0200
Subject: [PATCH 5/8] save

---
 bazaar/front/forms.py                        |  47 ++
 bazaar/front/urls.py                         |   1 +
 bazaar/front/view.py                         |  19 +-
 bazaar/templates/front/compare_analysis.html | 473 ++++++++-----------
 4 files changed, 263 insertions(+), 277 deletions(-)

diff --git a/bazaar/front/forms.py b/bazaar/front/forms.py
index b976d03..28fbafd 100644
--- a/bazaar/front/forms.py
+++ b/bazaar/front/forms.py
@@ -114,3 +114,50 @@ class YaraCreateForm(ModelForm):
     class Meta:
         model = Yara
         fields = ['title', 'content', 'is_private']
+
+
+class CompareSearchForm(forms.Form):
+    left_hash = forms.CharField()
+    right_hash = forms.CharField()
+
+    def do_search(self):
+        print(self.cleaned_data['left_hash'])
+        left_hash = self.cleaned_data['left_hash']
+
+        results = None
+        query = {
+            "query": {
+                "query_string": {
+                    "default_field": "sha256",
+                    "query": left_hash,
+                }
+            },
+            "highlight": {
+                "fields": {
+                    "*": {"pre_tags": ["<mark>"], "post_tags": ["</mark>"]}
+                }
+            },
+            "aggs": {
+                "permissions": {
+                    "terms": {"field": "permissions.keyword"}
+                },
+                "domains": {
+                    "terms": {"field": "domains_analysis._name.keyword"}
+                },
+                "android_features": {
+                    "terms": {"field": "features.keyword"}
+                }
+            },
+            "sort": {"analysis_date": "desc"},
+            "_source": ["apk_hash", "sha256", "uploaded_at", "icon_base64", "handle", "app_name",
+                        "version_code", "size", "dexofuzzy.apk", "quark.threat_level", "vt", "is_signed", "frosting_data.is_frosted", "features"],
+            "size": 50,
+        }
+        es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
+        try:
+            raw_results = es.search(index=settings.ELASTICSEARCH_APK_INDEX, body=query)
+            results = transform_hl_results(raw_results)
+        except Exception as e:
+            return [], [], None
+
+        return results
diff --git a/bazaar/front/urls.py b/bazaar/front/urls.py
index b0cbf28..548f623 100644
--- a/bazaar/front/urls.py
+++ b/bazaar/front/urls.py
@@ -24,5 +24,6 @@
     path("rules/<str:uuid>/retro", view=my_retrohunt_view, name="my_rule_retro"),
     path("androcfg/<str:sha256>/<path:foo>", view=get_andgrocfg_code, name="get_andgrocfg_code"),
     path("androcfg/all", view=get_genom, name="get_genom"),
+    path("compare/", view=compare_analysis_view, name="compare_analysis"),
     path("compare/<str:left_sha>/to/<str:right_sha>", view=compare_analysis_view, name="compare_analysis")
 ]
diff --git a/bazaar/front/view.py b/bazaar/front/view.py
index 82c0836..0864b72 100644
--- a/bazaar/front/view.py
+++ b/bazaar/front/view.py
@@ -30,7 +30,7 @@
 from bazaar.core.models import Yara
 from bazaar.core.tasks import analyze, retrohunt
 from bazaar.core.utils import get_sha256_of_file, get_matching_items_by_dexofuzzy
-from bazaar.front.forms import SearchForm, BasicUploadForm, SimilaritySearchForm, BasicUrlDownloadForm
+from bazaar.front.forms import SearchForm, BasicUploadForm, SimilaritySearchForm, BasicUrlDownloadForm, CompareSearchForm
 from bazaar.front.og import generate_og_card
 from bazaar.front.utils import transform_results, get_similarity_matrix, compute_status, generate_world_map, \
     transform_hl_results, get_sample_timeline, get_andro_cfg_storage_path
@@ -513,14 +513,13 @@ def get_genom(request):
     return response
 
 
-def compare_analysis_view(request, left_sha, right_sha):
-    es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
+def compare_analysis_view(request, *args, **kwargs):
+    if request.method == 'GET':
+        # print(request.__dict__)
 
-    try:
-        left_result = es.get(index=settings.ELASTICSEARCH_APK_INDEX, id=left_sha)['_source']
-        right_result = es.get(index=settings.ELASTICSEARCH_APK_INDEX, id=right_sha)['_source']
-    except Exception as e:
-        logging.exception(e)
-        return redirect(reverse_lazy('front:home'))
+        f = CompareSearchForm(request.GET)
+        print(f)
 
-    return render(request, 'front/compare_analysis.html', context={'left_analysis': left_result, 'right_analysis': right_result})
+        left_result = ""
+        right_result = ""
+        return render(request, 'front/compare_analysis.html', context={'left_analysis': left_result, 'right_analysis': right_result})
diff --git a/bazaar/templates/front/compare_analysis.html b/bazaar/templates/front/compare_analysis.html
index 53ed5b8..31bea07 100644
--- a/bazaar/templates/front/compare_analysis.html
+++ b/bazaar/templates/front/compare_analysis.html
@@ -1,289 +1,228 @@
 {% extends "base.html" %}
 {% load static %}
 {% load crispy_forms_tags %}
+{% load get %}
+{% load comma_to_br %}
 
 {% block whole_content %}
-<div class="bg-secondary p-4 mb-4">
-  <div class="container-fuild">
+<div class="container-fuild">
+  <div class="bg-secondary p-4 mb-4">
     <div class="row justify-content-center">
       <div class="col-md-12 text-center">
         <h1 class="text-white">Compare two analysis</h1>
       </div>
 
       <div class="row justify-content-center">
-        it works
+        <form method="GET">
+          <div class="form-row">
+            <div class="col-md-5">
+              <div class="input-group">
+                <input type="text" class="form-control" name="left_hash" required placeholder="Left Hash"
+                  value="{{form.data.hash}}">
+              </div>
+            </div>
+            <div class="col-md-5">
+              <div class="input-group">
+                <input type="text" class="form-control" name="right_hash" required placeholder="Right Hash"
+                  value="{{form.data.hash}}">
+              </div>
+            </div>
+            <div class="col-md-2">
+              <button class="btn btn-primary" type="submit"><i class="nf nf-oct-search"></i></button>
+            </div>
+          </div>
+        </form>
       </div>
     </div>
   </div>
-  <!-- container-->
-</div>
 
-<table class="table table-condensed">
-  <thead>
-    <tr>
-      <th></th>
-      <th>Left APK (report)</th>
-      <th>Right APK (report)</th>
-    </tr>
-  </thead>
-  <tbody>
-    <tr>
-      <td>
-        <p>Handle</p>
-      </td>
-      <td>
-        <p>{{ left_analysis.handle }}</p>
-      </td>
-      <td>
-        <p>{{ right_analysis.handle }}</p>
-      </td>
-    </tr>
-    <tr>
-      <td>
-        <p>App name</p>
-      </td>
-      <td>{{left_analysis.app_name}}</td>
-      <td>{{right_analysis.app_name}}</td>
-    </tr>
-    <tr>
-      <td>MD5</td>
-      <td>{{left_analysis.md5}}</td>
-      <td>{{right_analysis.md5}}</td>
-    </tr>
-    <tr>
-      <td>SHA1</td>
-      <td>{{left_analysis.sha1}}</td>
-      <td>{{right_analysis.sha1}}</td>
-    </tr>
-    <tr>
-      <td>SHA256</td>
-      <td>{{left_analysis.sha256}}</td>
-      <td>{{right_analysis.sha256}}</td>
-    </tr>
-    <tr>
-      <td>Size</td>
-      <td>{{left_analysis.size}}</td>
-      <td>{{right_analysis.size}}</td>
-    </tr>
-    <tr>
-      <td>Frosting data</td>
-      <td>
-        {% if left_analysis.frosting_data.is_frosted %}
-        <span class="badge badge-success">Frosted</span>
-        {% else %}
-        <span class="badge badge-danger">Not frosted</span>
-        {% endif %}
-        {% if d.frosting_data.v2_signature_blocks|length > 0 %}
-        <div class="small">
-          Blocks found within V2 signature:
-          <ul class="list-unstyled mt-0">
-            {% for elt in d.frosting_data.v2_signature_blocks %}
-            <li><samp>{{ elt.value }}</samp>: {{ elt.comment }}</li>
-            {% endfor %}
-          </ul>
-          {% endif %}
-      </td>
-      <td>
-        {% if right_analysis.frosting_data.is_frosted %}
-        <span class="badge badge-success">Frosted</span>
-        {% else %}
-        <span class="badge badge-danger">Not frosted</span>
-        {% endif %}
-        {% if d.frosting_data.v2_signature_blocks|length > 0 %}
-        <div class="small">
-          Blocks found within V2 signature:
-          <ul class="list-unstyled mt-0">
-            {% for elt in d.frosting_data.v2_signature_blocks %}
-            <li><samp>{{ elt.value }}</samp>: {{ elt.comment }}</li>
-            {% endfor %}
-          </ul>
-          {% endif %}
-      </td>
-    </tr>
-    <tr>
-      <td>
-        <p>Main activity</p>
-      </td>
-      <td>
-        <p>{{left_analysis.main_activity}}</p>
-      </td>
-      <td>
-        <p>{{right_analysis.main_activity}}</p>
-      </td>
-    </tr>
-    <tr>
-      <td>
-        <p>Activities</p>
-      </td>
-      <td>
-        <ul class="list-unstyled">
-          {% for activity in left_analysis.activities %}
-          <li>
-            <pre><code>{{activity}}</code></pre>
-          </li>
-          {% endfor %}
-        </ul>
-      </td>
-      <td>
-        <ul class="list-unstyled">
-          {% for activity in right_analysis.activities %}
-          <li>
-            <pre><code>{{activity}}</code></pre>
-          </li>
-          {% endfor %}
-        </ul>
-      </td>
-    </tr>
-    <tr>
-      <td>Receivers</td>
-      <td>
-        <pre><code>{% for s in left_analysis.receivers %}{{ s }}<br>{% endfor %}</code></pre>
-      </td>
-      <td>
-        <pre><code>{% for s in right_analysis.receivers %}{{ s }}<br>{% endfor %}</code></pre>
-      </td>
-    </tr>
-    <tr>
-      <td>Services</td>
-      <td>
-        <pre><code>{% for s in left_analysis.services %}{{ s }}<br>{% endfor %}</code></pre>
-      </td>
-      <td>
-        <pre><code>{% for s in right_analysis.services %}{{ s }}<br>{% endfor %}</code></pre>
-      </td>
-    </tr>
-    <tr>
-      <td>APKiD</td>
-      {% for p in left_analysis.apkid|dictsort:"filename" %}
-      <td class=""><samp>{{ p.filename }}</samp>
-        {% for k, v in p.matches.items %}
-        {{ k }}
-        <ul class="list-unstyled">
-          {% for c in v %}
-          <li><samp>{{ c }}</samp></li>
-          {% endfor %}
-        </ul>
-        {% endfor %}
-        {% endfor %}
-      </td>
-      {% for p in right_analysis.apkid|dictsort:"filename" %}
-      <td class=""><samp>{{ p.filename }}</samp>
-        {% for k, v in p.matches.items %}
-        {{ k }}
-        <ul class="list-unstyled">
-          {% for c in v %}
-          <li><samp>{{ c }}</samp></li>
-          {% endfor %}
-        </ul>
-        {% endfor %}
-        {% endfor %}
-      </td>
-    </tr>
-    <tr>
-      <td>Certificate</td>
-      <td>
-        {% for c in left_analysis.certificates %}
-        <ul class="list-unstyled">
-          <li><samp>{{ c.fingerprint_md5 }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_md5 %}
-            <a class="btn btn-sm btn-link p-0 text-decoration-none"
-              href="{% url 'front:home' %}?q=cert_md5:{{ c.fingerprint_md5 }}" data-toggle="tooltip"
-              data-placement="top" title="Find similar samples">
-              <i class="nf nf-oct-search"></i>
-            </a>
-          </li>
-          <li><samp>{{ c.fingerprint_sha1 }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha1 %}
-            <a class="btn btn-sm btn-link p-0 text-decoration-none"
-              href="{% url 'front:home' %}?q=cert_sha1:{{ c.fingerprint_sha1 }}" data-toggle="tooltip"
-              data-placement="top" title="Find similar samples">
-              <i class="nf nf-oct-search"></i>
-            </a>
-          </li>
-          <li><samp>{{ c.fingerprint_sha256 }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha256 %}
-            <a class="btn btn-sm btn-link p-0 text-decoration-none"
-              href="{% url 'front:home' %}?q=cert_sha256:{{ c.fingerprint_sha256 }}" data-toggle="tooltip"
-              data-placement="top" title="Find similar samples">
-              <i class="nf nf-oct-search"></i>
-            </a>
-          </li>
-          <li><samp>{{ c.issuer }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.issuer %} </li>
-          <li><samp>{{ c.not_before }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_before %}
-          </li>
-          <li><samp>{{ c.not_after }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_after %}
-          </li>
-          {% endfor %}
-        </ul>
-      </td>
-      <td>
-        {% for c in right_analysis.certificates %}
-        <ul class="list-unstyled">
-          <li><samp>{{ c.fingerprint_md5 }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_md5 %}
-            <a class="btn btn-sm btn-link p-0 text-decoration-none"
-              href="{% url 'front:home' %}?q=cert_md5:{{ c.fingerprint_md5 }}" data-toggle="tooltip"
-              data-placement="top" title="Find similar samples">
-              <i class="nf nf-oct-search"></i>
-            </a>
-          </li>
-          <li><samp>{{ c.fingerprint_sha1 }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha1 %}
-            <a class="btn btn-sm btn-link p-0 text-decoration-none"
-              href="{% url 'front:home' %}?q=cert_sha1:{{ c.fingerprint_sha1 }}" data-toggle="tooltip"
-              data-placement="top" title="Find similar samples">
-              <i class="nf nf-oct-search"></i>
-            </a>
-          </li>
-          <li><samp>{{ c.fingerprint_sha256 }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.fingerprint_sha256 %}
-            <a class="btn btn-sm btn-link p-0 text-decoration-none"
-              href="{% url 'front:home' %}?q=cert_sha256:{{ c.fingerprint_sha256 }}" data-toggle="tooltip"
-              data-placement="top" title="Find similar samples">
-              <i class="nf nf-oct-search"></i>
-            </a>
-          </li>
-          <li><samp>{{ c.issuer }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.issuer %} </li>
-          <li><samp>{{ c.not_before }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_before %}
-          </li>
-          <li><samp>{{ c.not_after }}</samp>
-            {% include "front/report/m_copy_to_clipboard.html" with data=c.not_after %}
-          </li>
-          {% endfor %}
-        </ul>
-      </td>
-    </tr>
+  {% if left_analysis and right_analysis %}
+  <table class="table table-condensed">
+    <thead>
+      <tr>
+        <th> </th>
+        <th><strong>Left APK</strong> (report)</th>
+        <th><strong>Right APK</strong> (report)</th>
+      </tr>
+    </thead>
+    <tbody>
+      <tr>
+        <td>
+          <p>File sums</p>
+        </td>
+        <td>
+          {% include "front/report/m_file.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_file.html" with d=right_analysis %}
+        </td>
+      </tr>
+      <tr>
+        <td>
+          <p>APKiD</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/rednaga/APKiD">APKiD</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_apkid.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_apkid.html" with d=right_analysis %}
+        </td>
+      </tr>
+      <tr>
+        <td>
+          <p>APK details</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/androguard/androguard">AndroGuard</a>
+            and <a class="small" target="_blank" href="https://github.com/pithus/bazaar">Pithus</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_apk.html" with d=left_analysis %}
+        <td>
+          {% include "front/report/m_apk.html" with d=right_analysis %}
+        </td>
+        </td>
+      </tr>
+      <tr>
+        <td>
+          <p>Certificate</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/androguard/androguard">AndroGuard</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_certificate.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_certificate.html" with d=left_analysis %}
+        </td>
+      </tr>
+
+      <tr>
+        <td>
+          <p>Browsable activities</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_browsable_activities.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_browsable_activities.html" with d=right_analysis %}
+        </td>
+      </tr>
+
+      <tr>
+        <td>
+          <p>Manifest</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_manifest.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_manifest.html" with d=right_analysis %}
+        </td>
+      </tr>
 
-    <tr>
-      <td>
-        <p>Permissions</p>
-      </td>
-      <td>
-        <ul class="list-unstyled">
-          {% for permission in left_analysis.permissions %}
-          <li>{{permission}}</li>
-          {% endfor %}
-        </ul>
-      </td>
-      <td>
-        <ul class="list-unstyled">
-          {% for permission in right_analysis.permissions %}
-          <li>{{permission}}</li>
-          {% endfor %}
-        </ul>
-      </td>
-    </tr>
+      <tr>
+        <td>
+          <p>NIAP analysis</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_niap.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_niap.html" with d=right_analysis %}
+        </td>
+      </tr>
 
+      <tr>
+        <td>
+          <p>Code analysis</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_code.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_code.html" with d=right_analysis %}
+        </td>
+      </tr>
 
+      <tr>
+        <td>
+          <p>Permissions analysis</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_permissions.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_permissions.html" with d=right_analysis %}
+        </td>
+      </tr>
 
-  </tbody>
-</table>
-{{left_analysis}}
+      <tr>
+        <td>
+          <p>Tracking analysis</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/Exodus-Privacy/exodus-core">Exodus-core</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_trackers.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_trackers.html" with d=right_analysis %}
+        </td>
+      </tr>
 
+      <tr>
+        <td>
+          <p>Threat analysis</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/quark-engine/quark-engine">Quark-Engine</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_quark.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_quark.html" with d=right_analysis %}
+        </td>
+      </tr>
 
+      <tr>
+        <td>
+          <p>Behavior analysis</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_api.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_api.html" with d=right_analysis %}
+        </td>
+      </tr>
+
+    </tbody>
+  </table>
+  {% endif %}
+</div>
 {% endblock whole_content %}
\ No newline at end of file

From 70c564b817030c4becebb7246e37f43ed53c217b Mon Sep 17 00:00:00 2001
From: evilcel3ri <evilcel3ri@email>
Date: Mon, 3 Apr 2023 17:45:52 +0200
Subject: [PATCH 6/8] save

---
 bazaar/front/forms.py                        | 75 ++++++++++----------
 bazaar/front/urls.py                         |  3 +-
 bazaar/front/view.py                         | 16 +++--
 bazaar/templates/front/compare_analysis.html |  4 +-
 4 files changed, 50 insertions(+), 48 deletions(-)

diff --git a/bazaar/front/forms.py b/bazaar/front/forms.py
index 28fbafd..13224ca 100644
--- a/bazaar/front/forms.py
+++ b/bazaar/front/forms.py
@@ -117,47 +117,48 @@ class Meta:
 
 
 class CompareSearchForm(forms.Form):
-    left_hash = forms.CharField()
-    right_hash = forms.CharField()
+    left_sha = forms.CharField()
+    right_sha = forms.CharField()
 
     def do_search(self):
-        print(self.cleaned_data['left_hash'])
-        left_hash = self.cleaned_data['left_hash']
+        shas = []
+        shas.append(self['left_sha'].value())
+        shas.append(self['right_sha'].value())
 
-        results = None
-        query = {
-            "query": {
-                "query_string": {
-                    "default_field": "sha256",
-                    "query": left_hash,
-                }
-            },
-            "highlight": {
-                "fields": {
-                    "*": {"pre_tags": ["<mark>"], "post_tags": ["</mark>"]}
-                }
-            },
-            "aggs": {
-                "permissions": {
-                    "terms": {"field": "permissions.keyword"}
+        results = []
+        for sha in shas:
+            query = {
+                "query": {
+                    "query_string": {
+                        "default_field": "sha256",
+                        "query": sha,
+                    }
                 },
-                "domains": {
-                    "terms": {"field": "domains_analysis._name.keyword"}
+                "highlight": {
+                    "fields": {
+                        "*": {"pre_tags": ["<mark>"], "post_tags": ["</mark>"]}
+                    }
                 },
-                "android_features": {
-                    "terms": {"field": "features.keyword"}
-                }
-            },
-            "sort": {"analysis_date": "desc"},
-            "_source": ["apk_hash", "sha256", "uploaded_at", "icon_base64", "handle", "app_name",
-                        "version_code", "size", "dexofuzzy.apk", "quark.threat_level", "vt", "is_signed", "frosting_data.is_frosted", "features"],
-            "size": 50,
-        }
-        es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
-        try:
-            raw_results = es.search(index=settings.ELASTICSEARCH_APK_INDEX, body=query)
-            results = transform_hl_results(raw_results)
-        except Exception as e:
-            return [], [], None
+                "aggs": {
+                    "permissions": {
+                        "terms": {"field": "permissions.keyword"}
+                    },
+                    "domains": {
+                        "terms": {"field": "domains_analysis._name.keyword"}
+                    },
+                    "android_features": {
+                        "terms": {"field": "features.keyword"}
+                    }
+                },
+                "sort": {"analysis_date": "desc"},
+                "_source": ["apk_hash", "sha256", "uploaded_at", "icon_base64", "handle", "app_name", "version_code", "size", "dexofuzzy.apk", "quark.threat_level", "is_signed", "frosting_data.is_frosted", "features"],
+                "size": 50,
+            }
+            es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
+            try:
+                raw_results = es.search(index=settings.ELASTICSEARCH_APK_INDEX, body=query)
+                results.append(transform_hl_results(raw_results))
+            except Exception as e:
+                return []
 
         return results
diff --git a/bazaar/front/urls.py b/bazaar/front/urls.py
index 548f623..e772ce0 100644
--- a/bazaar/front/urls.py
+++ b/bazaar/front/urls.py
@@ -24,6 +24,5 @@
     path("rules/<str:uuid>/retro", view=my_retrohunt_view, name="my_rule_retro"),
     path("androcfg/<str:sha256>/<path:foo>", view=get_andgrocfg_code, name="get_andgrocfg_code"),
     path("androcfg/all", view=get_genom, name="get_genom"),
-    path("compare/", view=compare_analysis_view, name="compare_analysis"),
-    path("compare/<str:left_sha>/to/<str:right_sha>", view=compare_analysis_view, name="compare_analysis")
+    path("compare/", view=compare_analysis_view, name="compare_analysis")
 ]
diff --git a/bazaar/front/view.py b/bazaar/front/view.py
index 0864b72..87e9f77 100644
--- a/bazaar/front/view.py
+++ b/bazaar/front/view.py
@@ -515,11 +515,13 @@ def get_genom(request):
 
 def compare_analysis_view(request, *args, **kwargs):
     if request.method == 'GET':
-        # print(request.__dict__)
-
         f = CompareSearchForm(request.GET)
-        print(f)
-
-        left_result = ""
-        right_result = ""
-        return render(request, 'front/compare_analysis.html', context={'left_analysis': left_result, 'right_analysis': right_result})
+        res = []
+        left_res, right_res = None
+        if f.is_valid:
+            print("valid form")
+            res = f.do_search()
+            left_res = res[0][0]
+            right_res = res[0][1]
+
+        return render(request, 'front/compare_analysis.html', context={'left_analysis': left_res, 'right_analysis': right_res})
diff --git a/bazaar/templates/front/compare_analysis.html b/bazaar/templates/front/compare_analysis.html
index 31bea07..df5295f 100644
--- a/bazaar/templates/front/compare_analysis.html
+++ b/bazaar/templates/front/compare_analysis.html
@@ -17,13 +17,13 @@ <h1 class="text-white">Compare two analysis</h1>
           <div class="form-row">
             <div class="col-md-5">
               <div class="input-group">
-                <input type="text" class="form-control" name="left_hash" required placeholder="Left Hash"
+                <input type="text" class="form-control" name="left_sha" required placeholder="Left Hash"
                   value="{{form.data.hash}}">
               </div>
             </div>
             <div class="col-md-5">
               <div class="input-group">
-                <input type="text" class="form-control" name="right_hash" required placeholder="Right Hash"
+                <input type="text" class="form-control" name="right_sha" required placeholder="Right Hash"
                   value="{{form.data.hash}}">
               </div>
             </div>

From 30672142b9496d615ccc90b7277d3dab44048a6f Mon Sep 17 00:00:00 2001
From: Christopher Talib <postal+github@pksl.es>
Date: Tue, 11 Apr 2023 15:18:38 +0200
Subject: [PATCH 7/8] Working POC with button on similarities

---
 bazaar/front/forms.py                        | 38 ++++++++++++-
 bazaar/front/view.py                         | 15 +++--
 bazaar/templates/front/compare_analysis.html | 58 +++++++++++++++++---
 bazaar/templates/front/m_similarities.html   |  5 ++
 bazaar/templates/front/report/m_file.html    |  2 +-
 5 files changed, 102 insertions(+), 16 deletions(-)

diff --git a/bazaar/front/forms.py b/bazaar/front/forms.py
index 13224ca..76cd29f 100644
--- a/bazaar/front/forms.py
+++ b/bazaar/front/forms.py
@@ -151,8 +151,42 @@ def do_search(self):
                     }
                 },
                 "sort": {"analysis_date": "desc"},
-                "_source": ["apk_hash", "sha256", "uploaded_at", "icon_base64", "handle", "app_name", "version_code", "size", "dexofuzzy.apk", "quark.threat_level", "is_signed", "frosting_data.is_frosted", "features"],
-                "size": 50,
+                "_source": [
+                    "uaid",
+                    "signatures",
+                    "is_signed",
+                    "is_signed_v1",
+                    "is_signed_v2",
+                    "is_signed_v3",
+                    "certificates",
+                    "dexofuzzy",
+                    "apkid",
+                    "manifest_analysis",
+                    "browsable_activities",
+                    "niap_analysis",
+                    "code_analysis",
+                    "detailed_permissions",
+                    "trackers",
+                    "quark.crimes",
+                    "android_api_analysis",
+                    "ssdeep",
+                    "version_name",
+                    "apk_hash",
+                    "app_name", 
+                    "dexofuzzy.apk", 
+                    "features"
+                    "frosting_data.is_frosted", 
+                    "handle", 
+                    "is_signed", 
+                    "md5", 
+                    "quark.threat_level", 
+                    "sha1", 
+                    "sha256", 
+                    "size", 
+                    "uploaded_at", 
+                    "version_code", 
+                    ],
+                "size": 1,
             }
             es = Elasticsearch(settings.ELASTICSEARCH_HOSTS)
             try:
diff --git a/bazaar/front/view.py b/bazaar/front/view.py
index 87e9f77..61a3a14 100644
--- a/bazaar/front/view.py
+++ b/bazaar/front/view.py
@@ -512,16 +512,21 @@ def get_genom(request):
     response['Content-Disposition'] = f'inline; filename=pithus_genom.csv'
     return response
 
-
 def compare_analysis_view(request, *args, **kwargs):
     if request.method == 'GET':
         f = CompareSearchForm(request.GET)
+
         res = []
-        left_res, right_res = None
+        left_res = None
+        right_res = None
         if f.is_valid:
-            print("valid form")
             res = f.do_search()
-            left_res = res[0][0]
-            right_res = res[0][1]
+            if res:
+                left_res = res[0][0]['source']
+                right_res = res[1][0]['source']
+            else:
+                return render(request, 'front/compare_analysis.html')
 
+        print(res)
         return render(request, 'front/compare_analysis.html', context={'left_analysis': left_res, 'right_analysis': right_res})
+
diff --git a/bazaar/templates/front/compare_analysis.html b/bazaar/templates/front/compare_analysis.html
index df5295f..eac2b63 100644
--- a/bazaar/templates/front/compare_analysis.html
+++ b/bazaar/templates/front/compare_analysis.html
@@ -41,8 +41,8 @@ <h1 class="text-white">Compare two analysis</h1>
     <thead>
       <tr>
         <th> </th>
-        <th><strong>Left APK</strong> (report)</th>
-        <th><strong>Right APK</strong> (report)</th>
+        <th><strong><a href="{% url 'front:report' left_analysis.sha256 %}">{{left_analysis.sha256}}</a></strong></th>
+        <th><strong><a href="{% url 'front:report' right_analysis.sha256 %}">{{right_analysis.sha256}}</a></strong></th>
       </tr>
     </thead>
     <tbody>
@@ -71,6 +71,31 @@ <h1 class="text-white">Compare two analysis</h1>
           {% include "front/report/m_apkid.html" with d=right_analysis %}
         </td>
       </tr>
+      <tr>
+        <td>
+          <p>SSdeep</p>
+          <p class="text-muted small">Information computed with <a class="small" target="_blank"
+              href="https://github.com/DinoTools/python-ssdeep">ssdeep</a>.
+          </p>
+        </td>
+        <td>
+          {% include "front/report/m_ssdeep.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_ssdeep.html" with d=right_analysis %}
+        </td>
+      </tr>
+      <tr>
+        <td>
+          <p>Dexofuzzy</p>
+        </td>
+        <td>
+          {% include "front/report/m_dexofuzzy.html" with d=left_analysis %}
+        </td>
+        <td>
+          {% include "front/report/m_dexofuzzy.html" with d=right_analysis %}
+        </td>
+      </tr>
       <tr>
         <td>
           <p>APK details</p>
@@ -101,36 +126,42 @@ <h1 class="text-white">Compare two analysis</h1>
         </td>
       </tr>
 
+      {% if left_analysis.manifest_analysis or right_analysis.manifest_analysis %}
       <tr>
         <td>
-          <p>Browsable activities</p>
+          <p>Manifest</p>
           <p class="text-muted small">Information computed with <a class="small" target="_blank"
               href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
           </p>
         </td>
         <td>
-          {% include "front/report/m_browsable_activities.html" with d=left_analysis %}
+          {% include "front/report/m_manifest.html" with d=left_analysis %}
         </td>
         <td>
-          {% include "front/report/m_browsable_activities.html" with d=right_analysis %}
+          {% include "front/report/m_manifest.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
 
+      {% if left_analysis.browsable_activities and right_analysis.browsable_activities %}
       <tr>
         <td>
-          <p>Manifest</p>
+          <p>Browsable activities</p>
           <p class="text-muted small">Information computed with <a class="small" target="_blank"
               href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
           </p>
         </td>
         <td>
-          {% include "front/report/m_manifest.html" with d=left_analysis %}
+          {% include "front/report/m_browsable_activities.html" with d=left_analysis %}
         </td>
         <td>
-          {% include "front/report/m_manifest.html" with d=right_analysis %}
+          {% include "front/report/m_browsable_activities.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
+
 
+      {% if left_analysis.niap_analysis and right_analysis.niap_analysis %}
       <tr>
         <td>
           <p>NIAP analysis</p>
@@ -145,7 +176,9 @@ <h1 class="text-white">Compare two analysis</h1>
           {% include "front/report/m_niap.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
 
+      {% if left_analysis.code_analysis and right_analysis.code_analysis %}
       <tr>
         <td>
           <p>Code analysis</p>
@@ -160,7 +193,9 @@ <h1 class="text-white">Compare two analysis</h1>
           {% include "front/report/m_code.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
 
+      {% if left_analysis.detailed_permissions and right_analysis.detailed_permissions %}
       <tr>
         <td>
           <p>Permissions analysis</p>
@@ -175,7 +210,9 @@ <h1 class="text-white">Compare two analysis</h1>
           {% include "front/report/m_permissions.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
 
+      {% if left_analysis.trackers and right_analysis.trackers %}
       <tr>
         <td>
           <p>Tracking analysis</p>
@@ -190,7 +227,9 @@ <h1 class="text-white">Compare two analysis</h1>
           {% include "front/report/m_trackers.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
 
+      {% if left_analysis.quark.crimes and right_analysis.quark.crimes %}
       <tr>
         <td>
           <p>Threat analysis</p>
@@ -205,7 +244,9 @@ <h1 class="text-white">Compare two analysis</h1>
           {% include "front/report/m_quark.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
 
+      {% if left_analysis.android_api_analysis and right_analysis.android_api_analysis %}
       <tr>
         <td>
           <p>Behavior analysis</p>
@@ -220,6 +261,7 @@ <h1 class="text-white">Compare two analysis</h1>
           {% include "front/report/m_api.html" with d=right_analysis %}
         </td>
       </tr>
+      {% endif %}
 
     </tbody>
   </table>
diff --git a/bazaar/templates/front/m_similarities.html b/bazaar/templates/front/m_similarities.html
index 25dc9c3..41aad5b 100644
--- a/bazaar/templates/front/m_similarities.html
+++ b/bazaar/templates/front/m_similarities.html
@@ -39,6 +39,11 @@
           </div>
         </div>
       </td>
+      <td>
+        <div class="">
+          <a href="/compare/?left_sha={{result.sha256}}&right_sha={{hash}}">Compare</a>
+        </div>
+      </td>
     </tr>
     {% endif %}
     {% endfor %}
diff --git a/bazaar/templates/front/report/m_file.html b/bazaar/templates/front/report/m_file.html
index 25be16d..bc58e7d 100644
--- a/bazaar/templates/front/report/m_file.html
+++ b/bazaar/templates/front/report/m_file.html
@@ -32,4 +32,4 @@
       {% endif %}
     </td>
   </tr>
-</table>
+</table>
\ No newline at end of file

From 7d9a761c9ff11a166002df13870a5b048ba57413 Mon Sep 17 00:00:00 2001
From: evilcel3ri <evilcel3ri@email>
Date: Tue, 25 Apr 2023 13:25:09 +0200
Subject: [PATCH 8/8] Adding possibility of responsiveness

---
 bazaar/templates/front/compare_analysis.html | 441 ++++++++++---------
 1 file changed, 222 insertions(+), 219 deletions(-)

diff --git a/bazaar/templates/front/compare_analysis.html b/bazaar/templates/front/compare_analysis.html
index eac2b63..a042d17 100644
--- a/bazaar/templates/front/compare_analysis.html
+++ b/bazaar/templates/front/compare_analysis.html
@@ -37,234 +37,237 @@ <h1 class="text-white">Compare two analysis</h1>
   </div>
 
   {% if left_analysis and right_analysis %}
-  <table class="table table-condensed">
-    <thead>
-      <tr>
-        <th> </th>
-        <th><strong><a href="{% url 'front:report' left_analysis.sha256 %}">{{left_analysis.sha256}}</a></strong></th>
-        <th><strong><a href="{% url 'front:report' right_analysis.sha256 %}">{{right_analysis.sha256}}</a></strong></th>
-      </tr>
-    </thead>
-    <tbody>
-      <tr>
-        <td>
-          <p>File sums</p>
-        </td>
-        <td>
-          {% include "front/report/m_file.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_file.html" with d=right_analysis %}
-        </td>
-      </tr>
-      <tr>
-        <td>
-          <p>APKiD</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/rednaga/APKiD">APKiD</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_apkid.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_apkid.html" with d=right_analysis %}
-        </td>
-      </tr>
-      <tr>
-        <td>
-          <p>SSdeep</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/DinoTools/python-ssdeep">ssdeep</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_ssdeep.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_ssdeep.html" with d=right_analysis %}
-        </td>
-      </tr>
-      <tr>
-        <td>
-          <p>Dexofuzzy</p>
-        </td>
-        <td>
-          {% include "front/report/m_dexofuzzy.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_dexofuzzy.html" with d=right_analysis %}
-        </td>
-      </tr>
-      <tr>
-        <td>
-          <p>APK details</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/androguard/androguard">AndroGuard</a>
-            and <a class="small" target="_blank" href="https://github.com/pithus/bazaar">Pithus</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_apk.html" with d=left_analysis %}
-        <td>
-          {% include "front/report/m_apk.html" with d=right_analysis %}
-        </td>
-        </td>
-      </tr>
-      <tr>
-        <td>
-          <p>Certificate</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/androguard/androguard">AndroGuard</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_certificate.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_certificate.html" with d=left_analysis %}
-        </td>
-      </tr>
+  <div class="table-responsive">
+    <table class="table table-responsive">
+      <thead>
+        <tr>
+          <th> </th>
+          <th><strong><a href="{% url 'front:report' left_analysis.sha256 %}">{{left_analysis.sha256}}</a></strong></th>
+          <th><strong><a href="{% url 'front:report' right_analysis.sha256 %}">{{right_analysis.sha256}}</a></strong>
+          </th>
+        </tr>
+      </thead>
+      <tbody>
+        <tr>
+          <td>
+            <p>File sums</p>
+          </td>
+          <td>
+            {% include "front/report/m_file.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_file.html" with d=right_analysis %}
+          </td>
+        </tr>
+        <tr>
+          <td>
+            <p>APKiD</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/rednaga/APKiD">APKiD</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_apkid.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_apkid.html" with d=right_analysis %}
+          </td>
+        </tr>
+        <tr>
+          <td>
+            <p>SSdeep</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/DinoTools/python-ssdeep">ssdeep</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_ssdeep.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_ssdeep.html" with d=right_analysis %}
+          </td>
+        </tr>
+        <tr>
+          <td>
+            <p>Dexofuzzy</p>
+          </td>
+          <td>
+            {% include "front/report/m_dexofuzzy.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_dexofuzzy.html" with d=right_analysis %}
+          </td>
+        </tr>
+        <tr>
+          <td>
+            <p>APK details</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/androguard/androguard">AndroGuard</a>
+              and <a class="small" target="_blank" href="https://github.com/pithus/bazaar">Pithus</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_apk.html" with d=left_analysis %}
+          <td>
+            {% include "front/report/m_apk.html" with d=right_analysis %}
+          </td>
+          </td>
+        </tr>
+        <tr>
+          <td>
+            <p>Certificate</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/androguard/androguard">AndroGuard</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_certificate.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_certificate.html" with d=left_analysis %}
+          </td>
+        </tr>
 
-      {% if left_analysis.manifest_analysis or right_analysis.manifest_analysis %}
-      <tr>
-        <td>
-          <p>Manifest</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_manifest.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_manifest.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.manifest_analysis or right_analysis.manifest_analysis %}
+        <tr>
+          <td>
+            <p>Manifest</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_manifest.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_manifest.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
-      {% if left_analysis.browsable_activities and right_analysis.browsable_activities %}
-      <tr>
-        <td>
-          <p>Browsable activities</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_browsable_activities.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_browsable_activities.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.browsable_activities and right_analysis.browsable_activities %}
+        <tr>
+          <td>
+            <p>Browsable activities</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_browsable_activities.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_browsable_activities.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
 
-      {% if left_analysis.niap_analysis and right_analysis.niap_analysis %}
-      <tr>
-        <td>
-          <p>NIAP analysis</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_niap.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_niap.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.niap_analysis and right_analysis.niap_analysis %}
+        <tr>
+          <td>
+            <p>NIAP analysis</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_niap.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_niap.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
-      {% if left_analysis.code_analysis and right_analysis.code_analysis %}
-      <tr>
-        <td>
-          <p>Code analysis</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_code.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_code.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.code_analysis and right_analysis.code_analysis %}
+        <tr>
+          <td>
+            <p>Code analysis</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_code.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_code.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
-      {% if left_analysis.detailed_permissions and right_analysis.detailed_permissions %}
-      <tr>
-        <td>
-          <p>Permissions analysis</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_permissions.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_permissions.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.detailed_permissions and right_analysis.detailed_permissions %}
+        <tr>
+          <td>
+            <p>Permissions analysis</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_permissions.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_permissions.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
-      {% if left_analysis.trackers and right_analysis.trackers %}
-      <tr>
-        <td>
-          <p>Tracking analysis</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/Exodus-Privacy/exodus-core">Exodus-core</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_trackers.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_trackers.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.trackers and right_analysis.trackers %}
+        <tr>
+          <td>
+            <p>Tracking analysis</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/Exodus-Privacy/exodus-core">Exodus-core</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_trackers.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_trackers.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
-      {% if left_analysis.quark.crimes and right_analysis.quark.crimes %}
-      <tr>
-        <td>
-          <p>Threat analysis</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/quark-engine/quark-engine">Quark-Engine</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_quark.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_quark.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.quark.crimes and right_analysis.quark.crimes %}
+        <tr>
+          <td>
+            <p>Threat analysis</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/quark-engine/quark-engine">Quark-Engine</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_quark.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_quark.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
-      {% if left_analysis.android_api_analysis and right_analysis.android_api_analysis %}
-      <tr>
-        <td>
-          <p>Behavior analysis</p>
-          <p class="text-muted small">Information computed with <a class="small" target="_blank"
-              href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
-          </p>
-        </td>
-        <td>
-          {% include "front/report/m_api.html" with d=left_analysis %}
-        </td>
-        <td>
-          {% include "front/report/m_api.html" with d=right_analysis %}
-        </td>
-      </tr>
-      {% endif %}
+        {% if left_analysis.android_api_analysis and right_analysis.android_api_analysis %}
+        <tr>
+          <td>
+            <p>Behavior analysis</p>
+            <p class="text-muted small">Information computed with <a class="small" target="_blank"
+                href="https://github.com/MobSF/Mobile-Security-Framework-MobSF">MobSF</a>.
+            </p>
+          </td>
+          <td>
+            {% include "front/report/m_api.html" with d=left_analysis %}
+          </td>
+          <td>
+            {% include "front/report/m_api.html" with d=right_analysis %}
+          </td>
+        </tr>
+        {% endif %}
 
-    </tbody>
-  </table>
-  {% endif %}
+      </tbody>
+    </table>
+    {% endif %}
+  </div>
 </div>
 {% endblock whole_content %}
\ No newline at end of file