CYBERSECURITY NOTES

Static Application Testing

MobSF

Quick Setup

docker pull opensecurity/mobile-security-framework-mobsf:latest
docker run -it --rm -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest

Online

Mobile Security Framework - MobSF

Scan Target Application

Download Sieve

https://github.com/mwrlabs/drozer/releases/download/2.3.4/sieve.apk

Upload Sieve application in MobSF Website

Manifest Analysis

Code Analysis

MobSF Report

Words of Caution

Eliminate flase positives
Address the need for manual testing as well
Third-party integrations
Not everything can be fixed

PreviousAspects of Android Security NextDynamic Application Testing - Part 1

Last updated 11 months ago