Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also perform Web API Security testing with it’s API Fuzzer that can do Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session and API Rate Limiting.
- Clipboard Monitor for Android Dynamic Analysis
- Windows APPX Static Analysis Support
- Added Docker File
- Added Support for Kali Linux
- Code Quality and Lintering
- Partial PEP8 Formating, Code Refactoring and Restructuring
- Imporved Static Analyzer Regex
- Disabling Syntax Highlighter Edit mode
- More MIME Type additions
- Update File Upload Size to 100 MB
- MobSFfy script to support commandline args
- New strings.py tool for string extraction in iOS Apps.
- Updated iOS Static Analysis ruleset.
- Django Upgrade to 1.10
- MobSF VM 0.3 Released
More Information: here
[button size=large style=round color=red align=none url=https://github.com/ajinabraham/Mobile-Security-Framework-MobSF]Download MobSF v0.9.3[/button]
Thanks to our friend Ajin Abraham for sharing this tool with us 😉