# RASP module

RASP (runtime application self-protection) features to protect the app against several attack vectors. The Malwarelytics for React Native provides the `MalwarelyticsRasp` class that implements all RASP-related functionality in one place. The object allows you to register your listener that can listen to RASP events, or you can access the various information directly.

## Listen to RASP events

To listen to the RASP events, you have to register a listener that implements the `MalwarelyticsRaspListener` interface. For example:

```typescript
await Malwarelytics.sharedInstance.rasp.setRaspListener({
    debuggerDetected: function (detected: boolean): void {
        console.log(`Debugger is ${detected ? 'connected' : 'disconnected'}`);
    },
    repackagingDetected: function (info: RepackagingInfo): void {
        console.log(`Repackage detected: ${JSON.stringify(info)}`);
    },
    systemIntegrityCompromised: function (info: SystemIntegrityInfo): void {
        if (info.isJailbroken) {
        console.log(`Device is jailbroken`);
        } else if (info.isRooted) {
        console.log(`Device is rooted`);
        }
    },
    httpProxyDetected: function (info: HttpProxyInfo): void {
        console.log(`HTTP proxy is ${info.isHttpProxyEnabled ? 'active' : 'inactive'}`);
    },
    screenSharingDetected: function (info: ScreenSharingInfo): void {
        console.log(`Screen sharing detected: ${JSON.stringify(info)}`);
    },
    emulatorDetected: function (info: EmulatorInfo): void {
        // Reported only on Android
        console.log(`App is running in emulator. Type is ${info.detectedEmulatorType}`);
    },
    screenReaderDetected(info: ScreenReaderInfo): void {
        // Reported only on Android
        console.log(`Screen reader detected: ${JSON.stringify(info)}`)
    },
    tapjackingDetected: function (info: TapjackingInfo): void {
        // Android specific
        console.log(`Tapjacking detected: ${JSON.stringify(info)}`);
    },
    adbStatusDetected: function (adbStatus: boolean): void {
        // Android specific
        console.log(`ADB is ${adbStatus ? 'connected' : 'disconnected'}`);
    },
    activeCallDetected: function (info: ActiveCallInfo): void {
        // Android specific
        console.log(`Active call info: ${JSON.stringify(info)}`);
    },
    appPresenceChangeDetected: function (info: AppPresenceInfo): void {
        console.log(`App presence info: ${JSON.stringify(info)}`);
    },
    vpnDetected: function (active: boolean): void {
        console.log(`VPN is ${active ? 'active' : 'inactive'}`);
    },
    userScreenshotDetected: function (): void {
        // Apple specific
        console.log(`Screenshot detected`);
    },
    reverseEngineeringToolsDetected: function (): void {
        // Apple specific
        console.log(`Reverse Engineering tools detected`);
    },
    systemPasscodeConfigurationChanged: function (enabled: boolean): void {
        // Apple specific
        console.log(`System passcode is ${enabled ? 'set' : 'not set'}`);
    },
    systemBiometryConfigurationChanged: function (enabled: boolean): void {
        // Apple specific
        console.log(`Biometry is ${enabled ? 'enrolled' : 'not enrolled'}`);
    },
    isOnCallChanged: function (isOnCall: boolean): void {
        // Apple specific
        console.log(`Phone call is ${isOnCall ? 'active' : 'not active'}`);
    }
});
```

To remove the previously set listener, use the following code:

```typescript
Malwarelytics.sharedInstance.rasp.removeRaspListener();
```


## Get current RASP signals

The following code example shows how to get the current information about RASP threats:

```typescript
const rasp = Malwarelytics.sharedInstance.rasp

// Common signals
const systemIntegrity = await rasp.getSystemIntegrityInfo();
console.log(`Is jailbroken = ${systemIntegrity.isJailbroken}`);
console.log(`Is rooted = ${systemIntegrity.isRooted}`);
if (systemIntegrity.isJailbroken || systemIntegrity.isRooted) {
    console.log(`System integrity info = ${JSON.stringify(systemIntegrity)}`);
}

const isEmulator = await rasp.isRunningInEmulator()
console.log(`Running in emulator = ${isEmulator}`);
if (isEmulator) {
    console.log(`Emulator type = ${(await rasp.getEmulatorInfo()).detectedEmulatorType}`);
}

console.log(`Is debugger conencted = ${await rasp.isDebuggerConnected()}`);
console.log(`Rpackaging info = ${await rasp.getRepackagingInfo()}`);

const httpProxy = await rasp.getHttpProxyInfo();
console.log(`Is HTTP proxy = ${httpProxy.isHttpProxyEnabled}`);
if (httpProxy.isHttpProxyEnabled) {
    console.log(`HTTP proxy info = ${JSON.stringify(httpProxy)}`);
}

const screenSharing = await rasp.getScreenSharingInfo();
console.log(`Is Screen shared or captured = ${screenSharing.isScreenShared}`);
if (screenSharing.isScreenShared) {
console.log(`Screen sharing info: ${JSON.stringify(screenSharing)}`);
}

console.log(`Is VPN active = ${await rasp.isVpnActive()}`);
console.log(`Phone call = ${await rasp.isOnCall()}`);
console.log(`App presence info = ${JSON.stringify(await rasp.getAppPresenceInfo())}`);

// Apple specific

if (Platform.OS == 'ios') {
    console.log(`Reverse engineering tools present = ${await rasp.isReverseEngineeringToolsPresent()}`);
    console.log(`System passcode is set = ${await rasp.isSystemPasscodeEnabled()}`);
    console.log(`Biometry is enrolled = ${await rasp.isSystemBiometryEnabled()}`);
}

// Android specific

if (Platform.OS == 'android') {
    console.log(`Tapjacking info = ${JSON.stringify(await rasp.getTapjackingInfo())}`);
    console.log(`ADB is ${(await rasp.getAdbStatus()) ? 'connected' : 'not connected'}`);
    console.log(`Screen lock is enabled = ${await rasp.isScreenLockEnabled()}`);
    console.log(`Play protect enabled = ${await rasp.isPlayProtectEnabled()}`);
    console.log(`Not allowed screen reader is enabled = ${await rasp.isNotAllowedScreenReaderEnabled()}`);
    console.log(`Bad Tapjacking capable app is present = ${await rasp.isBadTapjackingCapableAppPresent()}`);
    console.log(`Developer options enabled = ${await rasp.isDeveloperOptionsEnabled()}`);
    console.log(`Active call info = ${JSON.stringify(await rasp.getActiveCallInfo())}`);
}
```

## Activity protection on Android

By default, Malwarelytics for React-Native, when initialized on Android, automatically protects the current application's activity and any subsequent activities against various threats, including tapjacking. However, if your application created any `Activity` objects before initializing the Malwarelytics module, you will need to register them manually for protection. For example:

```java
import com.wultra.android.malwarelytics.reactnative.MalwarelyticsNativeHelper;

public class AnotherActivity extends ReactActivity {
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        MalwarelyticsNativeHelper.getInstance().registerActivityForProtection(this);
    }
}
```

<!-- begin box info -->
You can read more about activity protection in [Android Native Library's](https://github.com/wultra/antivirus/blob/develop/docs/Activity-Protection.md) documentation.
<!-- end -->

## Read Next

- [Antivirus Module](Usage-AV.md)
- [Demo Application](Demo-App.md)