ylcangel/Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Mobile Security Framework (MobSF)

Version: v3.0 beta

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.

Made with in India

MobSF is also bundled with Android Tamer and BlackArch

Buy us a Coffee!

Donate via Paypal: Send Bitcoins:

Documentation

Try MobSF Static Analyzer Online

Collaborators

Ajin Abraham | Dominik Schlecht | Magaofei | Matan Dobrushin | Vincent Nadal

e-Learning Courses & Certifications

• Automated Mobile Application Security Assessment with MobSF -MAS
• Android Security Tools Expert -ATX

MobSF Support Packages

• For free limited support, use our Slack Channel: mobsf.slack.com
• For enterprise support, priority feature requests and live training, see MobSF Support Packages

Presentations

• OWASP APPSEC EU 2016 - Slides, Video
• NULLCON 2016 - Slides
• c0c0n 2015 - Slides
• G4H Webcast 2015 - Video

What's New?

• See Changelog

Contribution, Feature Requests & Bugs

• Read CONTRIBUTING.md before opening bugs, feature requests and pull request.
• Feature Requests: @ajinabraham or @OpenSecurity_IN.
• For discussions, questions and limited support, use our Slack Channel mobsf.slack.com: Join MobSF Channel
• Open Bugs after reading Guidelines to Report a Bug

Screenshots

Static Analysis - Android

Static Analysis - iOS

Dynamic Analysis - Android APK

Web API Viewer

Credits

• Abhinav Sejpal (@Abhinav_Sejpal) - For poking me with bugs, feature requests, and UI & UX suggestions.
• Amrutha VC (@amruthavc) - For the new MobSF logo
• Anant Srivastava (@anantshri) - For Activity Tester Idea
• Anto Joseph (@antojosep007) - For the help with SuperSU.
• Bharadwaj Machiraju (@tunnelshade_) - For writing pyWebProxy from scratch
• Dominik Schlecht - For the awesome work on adding Windows Phone App Static Analysis to MobSF
• Esteban - Better Android Manifest Analysis and Static Analysis Improvement.
• Matan Dobrushin - For adding Android ARM Emulator support to MobSF - Special thanks goes for cuckoo-droid, I got inspired by their code and idea for this implementation.
• MindMac - For writing Android Blue Pill
• Rahul (@c0dist) - Kali Support
• Shuxin - Android Binary Analysis
• Thomas Abraham - For JS Hacks on UI.
• Tim Brown (@timb_machine) - For the iOS Binary Analysis Ruleset.
• Oscar Alfonso Diaz - (@OscarAkaElvis) - For Dockerfile contributions
• Abhinav Saxena - (@xandfury) - For Travis CI and Logging integration