Web Application Security
Releasing Mobile Security Framework v0.9 Mar 14 2016 09:20AM
Ajin Abraham (ajin25 gmail com)
Hey Folks,

I just released a new version of Mobile Security Framework, an open
source framework capable of performing end to end security testing of
mobile applications.

Mobile Security Framework (MobSF) is an all-in-one open source mobile
application (Android/iOS) automated pen-testing framework capable of
performing static and dynamic analysis. It can be used for effective
and fast security analysis of Android and iOS Applications and
supports both binaries (APK & IPA) and zipped source code. MobSF can
also do Web API Security testing with it's API Fuzzer that performs
Information Gathering, analyze Security Headers, identify Mobile API
specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and
other logical issues related to Session Management and API Rate
Limiting.

Lots of new Features including:

* Improved and Responsive UI
* Live Device/VM ScreenCast on Dynamic Analyzer view
* Dynamic SSL Testing
* Exported Activity Tester and PoC Generation
* All new REST API Fuzzer for Security Testing backend servers of
Hybrid Mobile Apps
* Custom VM and Android Device Support for MobSF Dynamic Analysis
* Updated Static Analyzer rule set.
* Recent Scan View
* Improved Web Proxy, Error Handling and Dynamic Analyzer logic.
* Anti Emulator Check Bypass.

Download
https://github.com/ajinabraham/Mobile-Security-Framework-MobSF

Slides from my talk @ nullcon
http://www.slideshare.net/ajin25/nullcon-goa-2016-automated-mobile-appli
cation-security-testing-with-mobile-security-framework-mobsf

Documentation
https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-D
ocumentation

Video Course
https://opsecx.com/index.php/course/automated-mobile-application-securit
y-assessment-with-mobsf/

Regards,

Ajin Abraham,
Security Researcher
Linkedin: https://in.linkedin.com/in/ajinabraham
Twitter: https://twitter.com/ajinabraham
Web: http://opensecurity.in

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus