PEpper VS Mobile-Security-Framework-MobSF

As others have mentioned, looking at entropy is a good metric to generically determine whether or not a given sample is being packed / obfuscated in some way. Doing static analysis on the binary format itself (I'm assuming PE for Windows is the goal) is also useful, such as checking whether or not a section's raw size on disk is much smaller than the virtual size allocated in-memory for that section, which is a reliable indication of packing behavior. This project looks useful for introspecting such behaviors.

the program is from github too lmao https://github.com/MobSF/Mobile-Security-Framework-MobSF 😭

I can say only for android: - General Scanner -> https://github.com/MobSF/Mobile-Security-Framework-MobSF - Decompiler -> https://github.com/skylot/jadx

You want to useMobSF to disable Certificate Pinning and install your Burp CA. Then, set up a network to be able to MitM the traffic.

# This will download MobSF into a folder # called Mobile-Security-Framework-MobSF git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git

MobiSRF:Mobile Appliation testing)Mobile Security System (MobSF) is an integrated, all-in-one mobile device pen-testing, malware analysis, and vulnerability evaluation system capable of conducting static and dynamic analysis (Android/iOS/Windows). MobSF accepts mobile app binaries (APK, XAPK, IPA, and APPX) as well as zipped source code and offers REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.You may use the Dynamic Analyzer to conduct runtime security assessments and immersive instrumented monitoring.

MobSF/Mobile-Security-Framework-MobSF (Python): Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.