{% extends "base/base_layout.html" %} {% load static %} {% block sidebar_option %} sidebar-collapse {% endblock %} {% block extra_css %} {% endblock %} {% block content %}
The TLS/SSL security test helps you evaluate the security of your application's network connections. These tests apply only to applications that make network connections over the HTTP protocol. We run multiple TLS/SSL tests against the application.
TLS Misconfiguration Test - Enable HTTPS MITM Proxy, Remove Root CA, Run the App for 25 seconds. This test will uncover insecure configurations that allow HTTPS connections bypassing certificate errors or SSL/TLS errors in WebViews. This is equivalent to not having TLS.
TLS Pinning/Certificate Transparency Test - Enable HTTPS MITM Proxy, Install Root CA, Run the App for 25 seconds. This test will evaluate the application's TLS/SSL hardening controls and will check if the application implements certificate or public key pinning and/or certificate transparency.
TLS Pinning/Certificate Transparency Bypass Test - Enable HTTPS MITM Proxy, Install Root CA, Bypass Certificate/Public Key Pinning or Certificate Transparency. This test tries to bypass certificate or public key pinning and/or certificate transparency controls in your application. MobSF can bypass most of the generic implementations.
NOTE: For better results, while the application is running, navigate through the different business logic flows that trigger network connections over the HTTP protocol. Make sure that no other applications are running during the test.