aura
Mobile-Security-Framework-MobSF
Our great sponsors
aura | Mobile-Security-Framework-MobSF | |
---|---|---|
3 | 6 | |
483 | 16,289 | |
0.4% | 2.3% | |
4.3 | 8.7 | |
7 months ago | 11 days ago | |
Python | JavaScript | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aura
- Aura – Python source code auditing and static analysis on a large scale
-
A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI
I've done extensive research in this area and looked at existing tools including bandit to scan the whole pypi repository and monitor what is being uploaded there, the conclusion was that most of the tools are not up for this task so I made a new framework from scratch that is specially design for this purpose, to scan the whole PyPI repository, it's called Aura: https://github.com/SourceCode-AI/aura
-
Ever npm/pip installed malware? A modest call for action
Consider contributing your talents to projects that seek to improve the security of these registries. One project worth your attention is Aura, a Python source code auditing and static analysis tool. For those who want to explore Python malware detection challenges identified as important by the Python Software Foundation, see here. Consider contributing malware checks to the Python Package Index codebase, aka Warehouse.
Mobile-Security-Framework-MobSF
-
Hacking & Gaming :)
the program is from github too lmao https://github.com/MobSF/Mobile-Security-Framework-MobSF 😭
-
Can anyone recommend a good tool to pentest mobile apps?, I have the packages locally. Thanks
I can say only for android: - General Scanner -> https://github.com/MobSF/Mobile-Security-Framework-MobSF - Decompiler -> https://github.com/skylot/jadx
-
iOS pentest help
You want to useMobSF to disable Certificate Pinning and install your Burp CA. Then, set up a network to be able to MitM the traffic.
-
Strengthen your Android or iOS Application Security using MobSF - Learn by example (2021)
# This will download MobSF into a folder # called Mobile-Security-Framework-MobSF git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
-
Tools and Skills to be the Bug Bounty Hunting.
MobiSRF:Mobile Appliation testing)Mobile Security System (MobSF) is an integrated, all-in-one mobile device pen-testing, malware analysis, and vulnerability evaluation system capable of conducting static and dynamic analysis (Android/iOS/Windows). MobSF accepts mobile app binaries (APK, XAPK, IPA, and APPX) as well as zipped source code and offers REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.You may use the Dynamic Analyzer to conduct runtime security assessments and immersive instrumented monitoring.
-
Weekly Developer Roundup #21 - Sun Nov 08 2020
MobSF/Mobile-Security-Framework-MobSF (Python): Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
What are some alternatives?
pytype - A static type analyzer for Python code
RMS-Runtime-Mobile-Security - Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
pip-audit - Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
OpenCorePkg - OpenCore bootloader
pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
PEpper - An open source script to perform malware static analysis on Portable Executable
anchore-engine - A service that analyzes docker images and scans for vulnerabilities
apkleaks - Scanning APK file for URIs, endpoints & secrets.
Flake8 - flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.
Deep Java Library (DJL) - An Engine-Agnostic Deep Learning Framework in Java
MobileApp-Pentest-Cheatsheet - The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
bevy - A refreshingly simple data-driven game engine built in Rust