Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Android string extraction to fallback on aapt2 strings
APK analysis arguments refactor
Explicit Zipslip handling during ZIP extraction
Graceful files extraction on unzip failure
Removed bail out and continue analysis
Moved androguard parsing to the start of static analysis
AndroidManifest.xml fallback from apktool to androguard during extraction and parsing
Updated Tasks UI to show started at
Save only unique intent priorities in findings
Add files list in scorecard description
Bug Fixes
Bug fix in firebase analysis
Fixed bug in certificate analysis.
Fix TOCTOU in delete scans view
Bug fix in enqueue model schema
Bug Fix in app_dict init.
Fixed a bug in iOS pbxproj parsing
Fixed a bug executing setup.sh script in python venv
What's Changed
[HOTFIX] + Features by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2444
4.1.5 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2445
Add support for pulling split apks, Fixes #2271 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2446
docker compose QA, explict requests timeout by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2447
4.1.8 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2448
4.1.9 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2449
4.2.0 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2450
4.2.1 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2451
4.2.2 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2452
[4.2.3] Update status on task timeout by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2454
[4.2.4] Async analysis REST API support, fix timeout handle function, Qa by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2456
4.2.5 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2457
4.2.6 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2459
[4.2.7] Androguard & ApkInspector Bump + Patch AXMLParsing by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2461
[4.2.7] Updates by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2462
[4.2.8] Multiple APK Analysis improvements, general Code QA & bug fixes by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2470
Save only unique intent priorities in findings by @dmarushkin in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2474
Add files list in scorecard desc by @dmarushkin in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2473
Byte snipers patch 2 by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2477
Nick lupien nick lupien/fix fps manifest analysis by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2484
New Contributors
@dmarushkin made their first contribution in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2474
@nick-lupien made contribution in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2484
@ByteSnipers made contribution in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2477
Full Changelog: https://github.com/MobSF/Mobile-Security-Framework-MobSF/compare/v4.1.3...v4.3.0