Closed junwei-liu closed 4 months ago
github-actions[bot]
commented
5 months ago 👋 @junwei-liu Issues is only for reporting a bug/feature request. For limited support, questions, and discussions, please join MobSF Slack channel Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.
junwei-liu
commented
5 months ago Sorry, because I am in mainland China. So I can't join https://mobsf.slack.com/unsupported-geo#/.
ajinabraham
commented
4 months ago We do have suppression feature for a lot of findings. What are you trying to suppress in particular?
jvictors-tp
commented
4 months ago @ajinabraham I am also trying to find documentation on suppressing findings within the static analysis of an APK or IPA app file. For example, known behaviors or permissions that I'd like to ignore so that it isn't part of the scorecard. I see that there's a section to list suppressed findings, but there's no control to add new ones. I've gone through the documentation and the DEFCON video and I haven't seen how to do this. Can this be better documented?
ajinabraham
commented
4 months ago @junwei-liu @jvictors-tp Suppression is currently available for MANIFEST ANALYSIS, CODE ANALYSIS for Android and IPA BINARY CODE ANALYSIS, CODE_ANALYIS findings for iOS. There are columns at the end of the table that allow you to do so.
Some features like permissions does not contribute to a score and cannot be suppressed.
I hope mobsf can support ignoring some detected problems and prevent these ignored problems from appearing in the report.