68
0

Mobile Security Framework (MobSF) – Kali Linux

68

What is MobSF ?

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, XAPK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.

  • Required before installation:
sudo apt-get update && apt-get install -y
  • Install Gitsudo apt-get install git
  • Install Python 3.8–3.9sudo apt-get install python3.8
  • Install JDK 8+sudo apt-get install openjdk-8-jdk
  • Install the following dependencies:
sudo apt install python3-dev python3-venv python3-pip build-essential libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev wkhtmltopdf

I was getting error in installing this dependency so I have to install another version of it called with below command: libjpeg8-devlibjpeg62-turbo-dev

sudo apt install libjpeg62-turbo-dev

If you like to generate PDF documents of the MobSF report then install wkhtmltopdf too:

sudo apt install wkhtmltopdf
  • Other Requirements which you will need in Kali Linux:
sudo apt install python3-pip
sudo apt install python3.9-venv

Steps to Install MobSF from Github:

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
cd Mobile-Security-Framework-MobSF
./setup.sh

To run MobSF:

./run.sh

It will start a server in http://localhost:8000, you can browse it either inside kali linux browser or inside windows browser.

start_mobsf
menu_mobsf

To update MobSF:

cd Mobile-Security-Framework-MobSF/
git pull origin master
./venv/bin/activate
pip install --no-cache-dir --use-deprecated=legacy-resolver -r requirements.txt
python manage.py makemigrations
python manage.py makemigrations StaticAnalyzer
python manage.py migrate
deactivate

Leave a Reply

Your email address will not be published.