vulnerability scanning idea

[SecLoop]

hi

Has the app vulnerability scanning function been added

[mpast]

Hi SecLoop,
The application has static analysis that uncovers potential vulnerabilities in the source code,
Do you mean dynamic analysis to find vulnerabilities in the running apps?
Thanks

[SecLoop]

hi mpast,
yes dynamic analysis to find vulnerabilities,
Many software will be reflected when running, such as app backdoor or some local DOS vulnerabilities
Thanks

[mpast]

Hi SecLoop,
I have it in mind as an improvement for the future, but the roadmap is not yet decided,
Thanks for the recommendation,
Monica

[thecyberlearner]

Hi SecLoop, The application has static analysis that uncovers potential vulnerabilities in the source code, Do you mean dynamic analysis to find vulnerabilities in the running apps? Thanks

Hi @mpast, I am trying to figure out how the patterns are added to the database. Yes, I could see the Pattern class in models but how are the patterns added to the DB? Also, apart from apkleaks, did you create the rest of the patterns yourself?

[thecyberlearner]

Hi SecLoop, The application has static analysis that uncovers potential vulnerabilities in the source code, Do you mean dynamic analysis to find vulnerabilities in the running apps? Thanks

Hi @mpast, I am trying to figure out how the patterns are added to the database. Yes, I could see the Pattern class in models but how are the patterns added to the DB? Also, apart from apkleaks, did you create the rest of the patterns yourself?

@mpast please if you don't mind

[mpast]

Hey @thecyberlearner
The patterns are created manually and are imported in the first run into the project using django fixtures, you can see the json in app/fixtures/data.json
Thanks a lot!