Static analysis for mobile application

Here we have a simple tool to do the code level analysis of android applications. I found out this tool during my research for android application testing. The tool does not give an end 2 end analysis of the application but a few security bits about the application like security permissions. The solution a freeware with little functionality.

Let’s get started.

Requirements:

  • JDK 1.7+
  • Python 2.7
  • MOBSF bundle : https://github.com/ajinabraham/Mobile-Security-Framework-MobSF

Install the requirements with a single command:-

C:\Python27\Scripts\pip.exe install -r requirements.txt

1scanning

Once the installation is complete run the MOBSF server with the below command:

python manage.py runserver

2-running-the-server

Now open the browser and point it to 127.0.0.1:8080

3-ui

Now upload the application and you will get the analysis report in a few moments.

4-analysisng5-oput-16-oput-27-oput-3

MOBSF can also be used for performing the dynamic analysis as well .. Explore it.!!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s