Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Mobile Security Framework (MobSF) Configuration
- Python 3.6+ - Python 3.6 Download
- Oracle JDK 1.7 or above - Java JDK Download
- Mac OS Users must install Command-line tools - How to Install Commandline Tools in Mac
- iOS IPA Analysis works only on Mac and Linux.
- Windows App Static analysis requires a Windows Host or Windows VM for Mac and Linux. For Windows App Static Analysis, Read Windows App Static Analysis
- On Linux and Mac, install Oracle Java 1.7 or above and make it the default one.
- On Linux, make sure you have 32 bit execution support enabled.
- If you are going to use MobSF x86 Android VM, it requires Oracle VirtualBox - VirtualBox Download.
- Download MobSF Android x86 4.4.2 VM (v0.3) ova file: https://goo.gl/QxgHZa
- If you are going to use MobSF Android AVD (ARM Emulator), It requires Android Studio and a configured AVD.
- Download MobSF Android arm Emulator 4.1.2 (v1.0) file https://goo.gl/LRrGs3
- Hardware Requirements: Min 4GB RAM, 5GB HDD/SSD and Virtualization Support for running MobSF VM and Intel HAXM if you are running MobSF ARM Emulator.
Run MobSF Docker image
Lazy to setup Static Analysis? Use the latest MobSF docker image. (Dynamic analysis mostly need you to configure MobSF in host OS than inside a container.)
docker pull opensecurity/mobile-security-framework-mobsf docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest
Configuring Static Analyzer
Tested on Windows (7, 8, 8.1, 10), Kali (2016.2), Ubuntu (14.04, 16.04) , OSX (Mavericks, Yosemite, El Capitan), OS (Sierra, High Sierra)
If you need Dynamic Analysis do not setup MobSF inside a VM or use Docker, set it up in your Host OS.
git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git cd Mobile-Security-Framework-MobSF ./setup.sh # For Linux and Mac setup.bat # For Windows
PDF Report Generation
- You need to install
wkhtmltopdfbinary separately for generating PDF reports.
- Check wkhtmltopdf downloads and Installing wkhtmltopdf wiki for more information.
- In Windows, you need to add the folder that contains
wkhtmltopdfbinary to environment variable PATH.
- For Linux and Mac:
- For Windows:
If everything goes right, you will get an output like the one below.
You can navigate to
http://localhost:8000/ to access the MobSF Web interface.
If you need to run on a specific port number try
python manage.py runserver PORT_NO.
To expose MobSF to a particular IP, you can try
python manage.py runserver IP:PORT_NO. This needs to be executed from within the virtualenv.
Configuring Dynamic Analyzer
MobSF Dynamic Analysis currently supports Android and can be done in four ways.
- Dynamic Analysis with MobSF Android 4.4.2 x86 VirtualBox VM - default (Fast, not all Apps work)
- Dynamic Analysis with MobSF Android 4.1.2 arm Emulator - (Slow, Most Apps work) (Not Supported Anymore)
- Dynamic Analysis using a Rooted Android 4.03 - 4.4 Device (Very Fast, All Apps work)
- Dynamic Analysis using a Rooted Android 4.03 - 4.4 VM (not tested)
If you are updating MobSF, In most cases you might have to perform database migrations or you will see errors such as
[ERROR] Saving to DB (E:\Mobile-Security-Framework-MobSF\StaticAnalyzer\views\android\db_interaction.py, LINE 236 "static_db.save()"): table StaticAnalyzer_staticanalyzerandroid has no column named
Run the below command to migrate your db
python3 manage.py makemigrations python3 manage.py migrate
If the above changes didn't work, you might have to run
scripts) in Mac/Linux. After that run the above commands.
NOTE: This will remove the previously saved MobSF scan results.
Some components are disabled by default as they are experimental
APKiD is disabled by default. Before enabling you will have to install the rednaga fork of yara-python.
git clone --recursive https://github.com/rednaga/yara-python-1 yara-python cd yara-python python3 setup.py build --enable-dex install
Enable APKiD in
settings.py by setting
VirusTotal Scan is disabled by default. You need to add your VirusTotal API Key before enabling it. If you don't have an API Key, Register at https://www.virustotal.com/#/join-us and access your API Key from https://www.virustotal.com/en/user/[username]/apikey/. In
settings.py, add your API Key to
VT_API_KEY and set
Mass Static Analysis
MobSF supports mass static analysis: Run Mass Static Analysis with MobSF
Using Postgres DB instead of SQLite:
Home Directory Support
If you want all user uploads, downloads and user configurations to be created in home directory, enable home directory support: Home Directory Support
Docker Image for MobSF Static Analysis
MobSF REST API Docs: API Docs
You can run all the unit tests with
python manage.py test