Cut'n'Run: Enhancing Hybrid Reachability Analysis through Micro-Execution of Uncovered Methods

Hybrid reachability analysis combines the best of static and dynamic analysis to overcome their individual limitations. Static analysis analyzes code without execution, making it efficient and scalable for large systems, but it struggles with dynamic features used in modern applications. Dynamic analysis observes the real-time execution of an application and can record dynamic features. However, its effectiveness depends on the coverage of the execution. Combining static and dynamic analysis in hybrid reachability analysis enables the static examination of uncovered methods while dynamic features are addressed through recorded behavior.

 

The image depicts a simplified dynamic feature involving a reflection call. In this scenario, the method called is determined by the name provided in the reflection method call. For instance, in the example, the method "target" is called with the parameter "true". The dynamic call graph illustrates the actual behavior observed in the example. Here, the main function invokes "target" via reflection, and "target" in turn calls function "a" due to the parameter being "true". Consequently, the method call to "b" is missed because the else branch is not executed in this particular example. On the other hand, the static call graph includes the method call to "b", but fails to connect "main" and "target" via reflection due to the inability to resolve the reflection. By merging both call graphs, the hybrid call graph encompasses all possibilities of the given example, providing a comprehensive representation of the system's behavior.
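The scenario described above, as an added Java example that is not part of the original announcement or of Cut'n'Run. The class name `HybridCallGraphDemo` and the `record()` helper are hypothetical, the static edge set is constructed by hand to stand in for a static analysis that cannot resolve reflection, and Java 9 or later is assumed for `StackWalker`.

```java
import java.lang.reflect.Method;
import java.util.Set;
import java.util.TreeSet;

// Added example (hypothetical names): main -> target via reflection, target -> a or b.
public class HybridCallGraphDemo {
    // Edges observed at run time, stored as "caller->callee".
    static final Set<String> dynamicEdges = new TreeSet<>();

    // Records the edge from the caller of the instrumented method to that method.
    // StackWalker hides reflection frames by default, so a reflective call
    // shows up as a direct edge from the method that issued it.
    static void record() {
        StackWalker.getInstance().walk(frames -> {
            String[] names = frames.skip(1).limit(2)   // [callee, caller]
                    .map(StackWalker.StackFrame::getMethodName)
                    .toArray(String[]::new);
            dynamicEdges.add(names[1] + "->" + names[0]);
            return null;
        });
    }

    public static void target(boolean flag) {
        record();
        if (flag) { a(); } else { b(); }
    }

    static void a() { record(); }
    static void b() { record(); }

    public static void main(String[] args) throws Exception {
        // The method name is a run-time string, which a static analysis
        // without reflection resolution cannot map to target().
        String name = args.length > 0 ? args[0] : "target";
        Method m = HybridCallGraphDemo.class.getMethod(name, boolean.class);
        m.invoke(null, true);   // only the "true" branch is covered

        // Constructed: edges a static analysis reports when reflection is unresolved.
        Set<String> staticEdges = new TreeSet<>(Set.of("target->a", "target->b"));

        // Hybrid call graph: union of the static and dynamic edge sets.
        Set<String> hybrid = new TreeSet<>(staticEdges);
        hybrid.addAll(dynamicEdges);
        System.out.println("dynamic: " + dynamicEdges);
        System.out.println("static:  " + staticEdges);
        System.out.println("hybrid:  " + hybrid);
    }
}
```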

In scenarios where the else branch calls "b" via reflection, static analysis would struggle to accurately construct the call graph, while dynamic analysis would not record the call because the branch is not executed. Therefore, the objective of this master's thesis is to develop the tool Cut'n'Run. This tool aims to extract methods with uncovered dynamic features, execute them, and record their behavior. By doing so, Cut'n'Run facilitates the creation of a more accurate call graph, ensuring comprehensive analysis of the system's behavior. The previous work on Harvester, which specializes in extracting code and neutralizing anti-dynamic-analysis techniques to execute malicious code, could serve as a foundation that is extended to this use case.

Requirements:

  • Solid understanding of Java features or willingness to delve into the dynamic features of Java.
  • Proficient Java development skills.
  • Optional: Previous attendance of lectures DECA1 and/or DECA2

Jonas Klauke

Secure Software Engineering / Heinz Nixdorf Institut

Phone: +49 5251 60-6568