search

MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
https://opensecurity.in
GNU General Public License v3.0
16.66k stars 3.16k forks source link

Why static code files are not matching with the actual files that I have under .apk file that I am scanning #2401

Closed meghasinghal1 closed 3 weeks ago

github-actions[bot] commented 3 weeks ago

👋 @meghasinghal1 Issues is only for reporting a bug/feature request. For limited support, questions, and discussions, please join MobSF Slack channel Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.

meghasinghal1 commented 3 weeks ago

Why static code files are not matching with the actual files that I have under .apk file that I am scanning.

Actually I scanned a attached .apk file (I had to zip .apk file) and it has the following files when I am extracting from my C# code but getting different files in the static code analysis scan response that I have highlighted below. May I know the reason as I am new to Android development and I need the same files -

Could someone please help on this, how can I get the same set of files?

Andorid.zip

Actual files that I have under .apk file javax/annotation/CheckForNull.java javax/annotation/CheckForSigned.java javax/annotation/CheckReturnValue.java javax/annotation/Detainted.java javax/annotation/MatchesPattern.java javax/annotation/Nonnegative.java javax/annotation/Nonnull.java javax/annotation/Nullable.java javax/annotation/OverridingMethodsMustInvokeSuper.java javax/annotation/ParametersAreNonnullByDefault.java javax/annotation/ParametersAreNullableByDefault.java javax/annotation/PropertyKey.java javax/annotation/RegEx.java javax/annotation/Signed.java javax/annotation/Syntax.java javax/annotation/Tainted.java javax/annotation/Untainted.java javax/annotation/WillClose.java javax/annotation/WillCloseWhenClosed.java javax/annotation/WillNotClose.java javax/annotation/concurrent/GuardedBy.java javax/annotation/concurrent/Immutable.java javax/annotation/concurrent/NotThreadSafe.java javax/annotation/concurrent/ThreadSafe.java javax/annotation/meta/Exclusive.java javax/annotation/meta/Exhaustive.java javax/annotation/meta/TypeQualifier.java javax/annotation/meta/TypeQualifierDefault.java javax/annotation/meta/TypeQualifierNickname.java javax/annotation/meta/TypeQualifierValidator.java javax/annotation/meta/When.java

Below are the files I am getting in scan response - image

ajinabraham commented 3 weeks ago

Please use slack for support