MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
https://opensecurity.in
GNU General Public License v3.0
17.18k stars 3.22k forks

Bug Fixes + Improvements #2307

Closed ajinabraham closed 9 months ago

ajinabraham commented 9 months ago

Describe the Pull Request

* Replace Android test APK
* Added tests for Library analysis from binary (scan_library route)
* iOS merge findings from Swift and Objective-C rules with the same rule identifier. Fixes #2287
* iOS Binary analysis, sort regex matches. Fixes #2252
* Framework dylibs with no extensions to skip PIE checks. Fixes #2307
* Select correct network_security config. Fixes #2049
* Android Manifest Analysis added support for detecting task hijacking (StrandHogg 1.0 and StrandHogg 2.0). Fixes #2124
* Added new manifest analysis rule to warn on apps targeting older Android OS
* Updated severity of findings
* UI improvement for AppSec dashboard to show a loader
* UI changes in Static Analysis to collapse a large number of files in API and Code Analysis for better real estate
* Improved certificate file analysis for Android, JAR, AAR, and iOS
* MobSF version bump

github-actions[bot] commented 9 months ago

👋 @ajinabraham Thank you for sending this pull request ❤️. Please make sure you have followed our contribution guidelines. We will review it as soon as possible.