Android Penetration Testing Tutorial For Beginners

Android App Penetration Testing Using MobSF Dynamic Analyzer Tool

How to Use MobSF for Android App Penetration Testing?

Let’s see how to use the MobSF tool for penetration testing of an Android application. 

MobSF (Mobile Security Framework) is an open-source tool for penetration testing of Android apps, and also of iOS and Windows apps. It helps with malware analysis and security assessment.

It performs the analysis automatically and shows the results under a unified interface. You can download the reports in the form of a PDF file for detailed offline analysis. 

Once MobSF is installed and running, upload the APK of the Android app you want to test. MobSF takes a few minutes to analyze the app and then shows several metrics and insights, including an overall security score.

It also shows the file hashes, filename, and APK size. As you scroll down, you will find the main activity, package name, minimum SDK version, and app version, followed by the app's components. The decompiled code can also be viewed from within the tool.
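Once a scan has finished, the same information shown in the web interface can be pulled as a JSON report and triaged in a script. The following is an added example, not MobSF's own code: it summarizes a report into the items a tester usually writes up first (security score, dangerous permissions, exported component count, high-severity manifest findings). The embedded report is a constructed sample; its field names (`permissions`, `manifest_analysis`, `exported_count`, `security_score`) are my assumption about MobSF's `report_json` output and should be checked against the MobSF version you run. The `fetch_report` helper uses MobSF's documented REST endpoint (`POST /api/v1/report_json` with the API key in an `Authorization` header) and is only used when `MOBSF_URL` and `MOBSF_API_KEY` are set.

```python
"""Triage a MobSF static-analysis JSON report (added example, not MobSF code).

The sample report below is constructed; its field names are an assumption
about MobSF's report_json output. Set MOBSF_URL and MOBSF_API_KEY and pass an
APK hash on the command line to fetch a real report instead.
"""
import json
import os
import sys
import urllib.parse
import urllib.request

# Constructed sample in the assumed shape of a MobSF report (not real output).
SAMPLE_REPORT = {
    "app_name": "DemoApp",
    "package_name": "com.example.demo",
    "security_score": 41,
    "permissions": {
        "android.permission.INTERNET": {"status": "normal", "info": "full Internet access"},
        "android.permission.READ_CONTACTS": {"status": "dangerous", "info": "read contact data"},
        "android.permission.ACCESS_FINE_LOCATION": {"status": "dangerous", "info": "fine (GPS) location"},
    },
    "exported_count": {"exported_activities": 2, "exported_services": 1,
                       "exported_receivers": 0, "exported_providers": 0},
    "manifest_analysis": {
        "manifest_findings": [
            {"severity": "high", "title": "Debug Enabled For App"},
            {"severity": "warning", "title": "Application Data can be Backed up"},
        ]
    },
}


def fetch_report(base_url, api_key, file_hash):
    """Fetch report_json for an already-scanned APK through MobSF's REST API.

    Endpoint and header follow MobSF's API docs: POST /api/v1/report_json with
    the scan hash as form data and the API key in the Authorization header.
    """
    data = urllib.parse.urlencode({"hash": file_hash}).encode()
    req = urllib.request.Request(base_url.rstrip("/") + "/api/v1/report_json",
                                 data=data, headers={"Authorization": api_key})
    with urllib.request.urlopen(req, timeout=60) as resp:
        return json.load(resp)


def dangerous_permissions(report):
    """Sorted names of the permissions MobSF classed as 'dangerous'."""
    perms = report.get("permissions", {})
    return sorted(name for name, meta in perms.items()
                  if str(meta.get("status", "")).lower() == "dangerous")


def manifest_findings(report):
    """Normalise manifest_analysis into (severity, title) tuples.

    Newer MobSF versions use a dict with a 'manifest_findings' list; older
    ones used a plain list with a 'stat' key. Both shapes are handled.
    """
    ma = report.get("manifest_analysis", [])
    items = ma.get("manifest_findings", []) if isinstance(ma, dict) else ma
    return [(str(f.get("severity", f.get("stat", ""))).lower(), f.get("title", ""))
            for f in items]


def high_findings(report):
    """Titles of manifest findings MobSF rated 'high'."""
    return [title for sev, title in manifest_findings(report) if sev == "high"]


def exported_total(report):
    """Total exported components across activities, services, receivers, providers."""
    return sum(int(v) for v in report.get("exported_count", {}).values())


def summarize(report):
    """One dict a reviewer can paste into a finding list."""
    return {
        "package": report.get("package_name"),
        "score": report.get("security_score"),
        "dangerous_permissions": dangerous_permissions(report),
        "exported_components": exported_total(report),
        "high_manifest_findings": high_findings(report),
    }


if __name__ == "__main__":
    url, key = os.environ.get("MOBSF_URL"), os.environ.get("MOBSF_API_KEY")
    if url and key and len(sys.argv) > 1:
        report = fetch_report(url, key, sys.argv[1])  # argv[1]: hash returned by the upload
    else:
        report = SAMPLE_REPORT
    print(json.dumps(summarize(report), indent=2))
```

Run it with no arguments to see the summary of the constructed sample; with the two environment variables set and a scan hash as the argument it summarizes a real report from your MobSF instance. Keeping the parsing tolerant of both report shapes avoids a script that silently reports zero findings after a MobSF upgrade.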

Let’s break down the complete MobSF analysis:

MobSF analysis

  • Signer Certificate

This section shows the signer certificate, including information about the developer, country, state, key bit size, and more. 

  • Permissions

It lists every permission the app requests and classifies each one as normal or dangerous, so you can see which permissions could cause harm if abused.  

  • Network Security 

The network security section reveals issues in the app's network security configuration. If these issues are not fixed, they can enable attacks such as man-in-the-middle. 

  • Browsable Activities

This section lists the activities that declare a deep-link scheme, meaning they can be opened from a browser link. 

  • Manifest

MobSF analyzes the manifest file and reports several properties of it, such as whether any activities are exported, whether the app is debuggable, and so on. 
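The Network Security, Browsable Activities, and Manifest sections above are all produced by static checks on two XML files inside the APK. The following is an added example, not MobSF's own code, that reproduces checks of that kind: it flags `android:debuggable`, exported components with no permission guard (marking the browsable ones), cleartext traffic permitted, and trust in user-installed CAs. The manifest and both network security configs are constructed samples; the weak config is shown beside its hardened counterpart so the difference is concrete.

```python
"""Static checks on AndroidManifest.xml and network_security_config.xml.

Added example, not MobSF code. All three XML documents below are constructed
samples, not taken from any real app.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"


def A(name):
    """Qualified name of an attribute in the android: namespace."""
    return "{%s}%s" % (ANDROID_NS, name)


# Constructed sample manifest (debuggable, two exported components unguarded).
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
  <application android:debuggable="true" android:networkSecurityConfig="@xml/network_security_config">
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".DeepLinkActivity" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="demo" android:host="open"/>
      </intent-filter>
    </activity>
    <service android:name=".SyncService" android:exported="true"/>
    <receiver android:name=".BootReceiver" android:exported="true"
              android:permission="com.example.demo.permission.BOOT"/>
  </application>
</manifest>
"""

# Constructed weak config: cleartext allowed and user-installed CAs trusted.
WEAK_NSC = """<network-security-config>
  <base-config cleartextTrafficPermitted="true">
    <trust-anchors>
      <certificates src="system"/>
      <certificates src="user"/>
    </trust-anchors>
  </base-config>
</network-security-config>
"""

# Hardened counterpart: no cleartext, system CAs only.
HARDENED_NSC = """<network-security-config>
  <base-config cleartextTrafficPermitted="false">
    <trust-anchors><certificates src="system"/></trust-anchors>
  </base-config>
</network-security-config>
"""


def manifest_findings(manifest_xml):
    """Return (severity, message) tuples for the manifest checks."""
    app = ET.fromstring(manifest_xml).find("application")
    out = []
    if app is None:
        return out
    if app.get(A("debuggable")) == "true":
        out.append(("high", "android:debuggable is true"))
    for tag in ("activity", "service", "receiver", "provider"):
        for comp in app.iter(tag):
            name = comp.get(A("name"))
            declared = comp.get(A("exported"))
            # Before Android 12 a component with an intent-filter and no
            # android:exported attribute is exported by default.
            exported = declared == "true" or (declared is None and comp.find("intent-filter") is not None)
            if not exported or comp.get(A("permission")):
                continue  # not reachable, or guarded by a permission
            categories = {c.get(A("name")) for c in comp.iter("category")}
            if "android.intent.category.LAUNCHER" in categories:
                continue  # the launcher activity is expected to be exported
            kind = "browsable " if "android.intent.category.BROWSABLE" in categories else ""
            out.append(("warning", f"{kind}{tag} {name} is exported without a permission"))
    return out


def nsc_findings(nsc_xml):
    """Return (severity, message) tuples for the network security config checks."""
    root = ET.fromstring(nsc_xml)
    out = []
    for cfg in list(root.iter("base-config")) + list(root.iter("domain-config")):
        if cfg.get("cleartextTrafficPermitted") == "true":
            out.append(("high", f"{cfg.tag}: cleartext traffic permitted"))
        if any(c.get("src") == "user" for c in cfg.iter("certificates")):
            out.append(("high", f"{cfg.tag}: user-installed CAs trusted"))
    return out


if __name__ == "__main__":
    for sev, msg in manifest_findings(SAMPLE_MANIFEST) + nsc_findings(WEAK_NSC):
        print(f"[{sev}] {msg}")
    print("hardened config findings:", nsc_findings(HARDENED_NSC))
```

On the sample manifest the script reports the debuggable flag, the browsable `DeepLinkActivity`, and the unguarded `SyncService`, while the launcher activity and the permission-protected receiver are left alone; the weak config produces two high findings and the hardened one produces none. To run it against a real APK, decode it first (for example with apktool) and pass the decoded XML files' contents to the two functions.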

  • Code

The tool also analyzes the app's code against common security standards and reports the matching CWE and a CVSS score for each finding, which helps penetration testers judge the security status. 

  • Malware

MobSF further analyzes the APK to identify packers, compilers, obfuscators, and similar tooling used in its files, and flags indicators associated with malware.
