-
mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
In the presentation, I mentioned different automated security testing tools that we can use with Android.One of these tools is MobSF — it’s an open-source static analysis tool that can find insecure code patterns in your Android and iOS source code supports Java, Kotlin, Swift, and Objective C.
An Android application, you can fork the Insecure Shop app from GitHub and use it as a demo if you don’t have an Android app.
This article walks you through the steps of setting up the MobSF Scan tool on an AWS EC2 machine with Docker to be able to run your static analysis tests for Android apps easily.