Static Application Testing

MobSF

Quick Setup

docker pull opensecurity/mobile-security-framework-mobsf:latest
docker run -it --rm -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest

Online

Scan Target Application

Download Sieve

Upload Sieve application in MobSF Website

Manifest Analysis

Code Analysis

MobSF Report

Words of Caution

  • Eliminate flase positives

  • Address the need for manual testing as well

  • Third-party integrations

  • Not everything can be fixed

PreviousAspects of Android SecurityNextDynamic Application Testing - Part 1

Last updated