Automated Mobile Security penetration testing framework: Mobile Security Framework

Others 2019-07-29 11:53:05 views: null

Automated Mobile Security penetration testing framework: Mobile Security Framework

Translation / Sphinx  Test development community   July 3

 

Mobile Security Framework (Mobile Security Framework) is an intelligent, integrated open source mobile application (Android / iOS) automatically penetration testing framework, it can be static and dynamic analysis.

Now we are using a variety of different tools to decompile, decode, debug, code review, penetration testing, which will spend a lot of time and effort. Mobile Security Framework can be used on Android and iOS applications are fast and efficient safety analysis. This framework supports binary file (APK & IPA) and the source archive.

Features

Static analyzer automated code audit can be performed, and permission requests detected unsafe settings, may also detect unsafe code, such as a bypass ssl, weak encryption, using improper codes confusion, hard-coded passwords, dangerous API, sensitive information / personally identifiable information leaks, unsafe file storage.

Dynamic analyzer may detect problems during operation in a virtual machine or via a program running on the device configuration. Dynamic analyzer can, HTTPS traffic decryption program dump from captured network packets, further analysis of log, bug and crash reports, debugging information, set the stack trace files and programs, databases, and so on.

Another feature of this framework is its scalability, you can easily develop custom rules. After the end of the test program will generate a clear report. We will further expand the time frame to support Tizen, WindowsPhone platforms.

Screenshots show

Static analysis - Android APK

Static analysis - iOS IPA

Sample Report: http://opensecurity.in/research/security-analysis-of-android-browsers.html

GitHub Home

https://github.com/ajinabraham/Mobile-Security-Framework-MobSF

Use document

https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/Documentation

Bug提交

https://github.com/ajinabraham/YSO-Mobile-Security-Framework/issues

新功能或更新可以关注@ajinabraham 或者@OpenSecurity_IN

 

本文转载来自:Freebuf黑客与极客(FreeBuf.COM)

Guess you like

Origin www.cnblogs.com/finer/p/11261831.html
Recommended
Ranking
ElasticSearch-- data modeling best practices
Permission Maintenance - Shadow User Backdoor
Refactor the code using MVP mode
Quantitative investment-fundamental model-PVC multi-factor model
Spark Big Data Processing Lecture Notes 3.2 Mastering RDD Operators
Blazor page components (2)
Erlernen von Kenntnissen zur Android-Entwicklung – Kodierung, Verschlüsselung, Hash, Serialisierung und Zeichensätze
About Qi high in JAVA study notes SORM summary detailed personal explanation
Will you calculate the accuracy of the rope displacement sensor in the measurement?
OPENJTAG debugging learning (3): debugging using the gdb command line
Daily
More
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)

Code World

© 2018 codetd.com