MASTG-TOOL-0002: MobSF for Android
After MobSF is done with its analysis, you will receive a one-page overview of all the tests that were executed. The page is split up into multiple sections giving some first hints on the attack surface of the application.
The following is displayed:
- Basic information about the app and its binary file.
- Some options to:
- View the
AndroidManifest.xml
file. - View the IPC components of the app.
- View the
- Signer certificate.
- App permissions.
- A security analysis showing known defects e.g. if the app backups are enabled.
- List of libraries used by the app binary and list of all files inside the unzipped APK.
- Malware analysis that checks for malicious URLs.
Refer to MobSF documentation for more details.