-
## Description
Create a new risk for "Sensitive Data Stored Unencrypted in Private Storage Locations (MASVS-STORAGE-1)" using the following information:
Sensitive data may be stored in internal …
-
Steps to Reproduce
We have got a security warning flagged by NowSecure, our mobile security scanner. The test looks in the decompiled code of the binary for instances of static strings being used as …
-
### How can we help?
Goodnight.
After a static test using MobSF in version 3.3.0 of oneSignal, I got a feedback about the "WebViewManager.java" class that is using the "enableWebViewRemoteDebuggin…
-
Generate APK and analyze it using MOBSF
Environment
react-native-code-push version: 6.2.1
react-native version: 0.63.4
version: android 29
I also tried upgrading nimbusds to 9.8.1 which is la…
-
## Description
Create a new risk for "Insecure Random Usage (MASVS-CRYPTO-1)" using the following information:
Using a non-cryptographically secure PRNG in a security context, such as authenticati…
-
### New Version
0.71.2
### Old Version
0.71.2
### Build Target(s)
upgrade okhttp
### Output of `react-native info`
### Issue and Reproduction Steps
Steps to Reproduce:
Login to the Andr…
-
Hi, I can't execute js hook script since Frida 16.1.5.
- Environment
1) Magisk 23.0(23000)
2) Android 11 (SM-G986N)
3) Python Binding: frida==16.1.5, frida-tools==12.3.0
Please reply af…
-
I installed latest version of RMS and frida 16.0+. I am using android studio's version 7 emulator with architecture x86_64. Now the error I am getting is this Package Name: owasp.mstg.uncrackable1
Mo…
-
### Finding Description
The app has globally allowed insecure connections.
By default, Android prohibits the use of cleartext communications in apps targeting Android 9 or above. If your app explici…
-
## Description
Create a new risk for "Insertion of Sensitive Data into Logs (MASVS-STORAGE-2)" using the following information:
Android APIs e.g. Log, Logger or iOS APIs e.g. NSLog, NSAssert.
…