A native Android security demo that detects root/tamper indicators via C++17 + JNI and visualizes an integrity score with Jetpack Compose.
Jetpack Compose UI
│
▼
NativeChecker.kt ──(JNI)──▶ native-lib.cpp (C++17)
│
┌───────────┼───────────┐
▼ ▼ ▼
stat() call __system_ /sys/fs/
(su binary) property_get selinux/
(build props) enforce
│
▼
JSON result string
│
▼
Score computed in Kotlin
- The UI triggers a check via
NativeChecker.nativeCheck() - JNI calls into
native-lib.cpp, which runs all checks using Android system APIs - Results are returned as a JSON string and parsed in
MainActivity.kt - The integrity score is computed from the parsed results and displayed
| Check | What It Detects | Score Penalty |
|---|---|---|
| Su binary | /system/xbin/su file presence |
−70 |
| Build tags | ro.build.tags contains test-keys |
−15 |
| Debuggable flag | ro.debuggable == 1 |
−10 |
| Secure flag | ro.secure == 0 |
−10 |
| SELinux enforcement | /sys/fs/selinux/enforce == 0 |
−10 |
Score is clamped to the range [0, 100].
graph TD
A[Jetpack Compose UI] -->|Button tap| B[NativeChecker.kt]
B -->|JNI call| C[native-lib.cpp / C++17]
C -->|stat| D["Filesystem: /system/xbin/su"]
C -->|__system_property_get| E[System Properties]
C -->|read| F["/sys/fs/selinux/enforce"]
C -->|JSON string| B
B -->|parse + score| A
Module layout:
app/src/main/
├── java/com/abdulmuhg/rootintegritydetector/
│ ├── MainActivity.kt # Compose UI + score logic
│ └── NativeChecker.kt # JNI bridge (loads native library)
└── cpp/
├── CMakeLists.txt # CMake config, C++17, -O2
└── native-lib.cpp # All security checks
- Android Studio Ladybug or newer
- NDK r27+ (install via SDK Manager → SDK Tools → NDK)
- CMake 3.22+ (install via SDK Manager → SDK Tools → CMake)
git clone https://github.com/abdulmuhg/RootIntegrityDetector.git
cd RootIntegrityDetector- Open the project in Android Studio
- Let Gradle sync complete
- Connect a device or start an emulator (API 24+)
- Click Run or press
Shift+F10 - Tap Run Integrity Check in the app
For best results, test on both a stock (non-rooted) device and a rooted/emulator device to see the score difference.
- Additional root detection checks (Magisk paths,
/proc/mountsscan, build fingerprint) - Unit tests for the native layer using Google Test / CTest
- CI/CD via GitHub Actions (build + lint on every PR)
- ProGuard/R8 configuration for release builds
Contributions are welcome! See CONTRIBUTING.md for guidelines on reporting bugs, suggesting features, and submitting pull requests.
This project is licensed under the MIT License.