Difference between revisions of "Mobile-Security-Framework-MobSF"
(Added/removed some content.) |
|||
| Line 29: | Line 29: | ||
MobSF also gives the user the opportunity to compare different apks. | MobSF also gives the user the opportunity to compare different apks. | ||
[[File:modsf_Static_3.png|1200px]] | [[File:modsf_Static_3.png|1200px]] | ||
Revision as of 16:34, 13 January 2023
Summary
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.
Requirements
- Follow the Install Mobile-Security-Framework-MobSF guide for static analysis.
- Optional: Follow the Install Genymotion guide for dynamic analysis.
Description
Step 1: Open the Webpage
Step 2: Upload Mobile Application
Select the upload button. This could take a while, because MobSF will decompile the apk and analyze all the files and dependencies.
Step 3: Static Analysis
After uploading our Mobile Application the Report will be generated and we can see the resulting information.
On the starting page we can see a general overview about the results:
If MobSF finds CWE's during the code analysis, the results will be shown like this:
MobSF also gives the user the opportunity to compare different apks.
Optional Step 4: Dynamic Analysis
If the dynamic analysis is started, a emulation of the app will be started and it is possible to monitor the behaviour and possibly load some Java scripts.
Used Hardware
Device to be used with this documentation Maybe another device to be used with this documentation
Courses
- Sichere Softwareentwicklung (IT-Security 22/23)