Mobile Security Framework (MobSF) for automated pentest of Mobile Apps

MobSF is an automated penetration testing and malware analysis tool for mobile apps of all platforms – Android, iOS and Windows.

MobSF performs Static Analysis of app source code without executing the app. Hence it does not rely on runtime environment.

MobSF provides RESTAPI hence you can also perform Dynamic Analysis by integrating with DevOps pipeline to identify vulnerabilities at development stage itself.

Installation in Kali Linux

Step 1: Get MobSFdownload link

Visit MobSF GitHub repository to get download https://github.com/MobSF/Mobile-Security-Framework-MobSF.git

Step 2: Download MobSF

#mkdir MobSF
#cd MobSF
#git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git

Step 3: Install MobSF

#cd Mobile-Security-Framework-MobSF
#./setup.sh

Step 4: Run MobSF

#./runsh

Now you can access MobSF on http://localhost:8080 as shown in the screenshot above.

Last Step

Now you are all set to upload and analyse your mobile app file – apk, ipa or appx

You may also like...