{% block content %} {% load static %} MobSF Static Analysis Report {% if host_os == 'windows' %} {% else %} {% endif %}
ANDROID STATIC ANALYSIS REPORT



app_icon

{% if app_name %} {{ app_name }} {% else %} {{ file_name }} {% endif %} {% if version_name %} ({{version_name}}) {% endif %}






{% if app_type not in 'so' %} {% if average_cvss %} {% endif %} {% endif %} {% if trackers|key:"trackers" %} {% endif %} {% if virus_total and virus_total.items|length > 9 and 'request successfully queued' not in virus_total.verbose_msg %} {% endif %}

File Name:

{{file_name}}

Package Name:

{{ package_name }}

Scan Date:

{{ timestamp }}

Average CVSS Score:

{% if average_cvss > 6 %} {{ average_cvss }} {% elif average_cvss == 0 %} {{ average_cvss }} {% elif average_cvss >= 4 %} {{ average_cvss }} {% elif average_cvss < 4 %} {{ average_cvss }} {% endif %}

App Security Score:

{% if appsec.security_score < 30 %} {{ appsec.security_score }}/100 (CRITICAL RISK) {% elif appsec.security_score < 40 %} {{ appsec.security_score }}/100 (HIGH RISK) {% elif appsec.security_score < 60 %} {{ appsec.security_score }}/100 (MEDIUM RISK) {% else %} {{ appsec.security_score }}/100 (LOW RISK) {% endif %}

Grade:

F {% elif appsec.security_score < 40 %} #ffc107">C {% elif appsec.security_score < 60 %} #f4ff45">B {% else %} #28a745">A {% endif %}

Trackers Detection:

0 %} class="warning" {% endif %}>{{ trackers.detected_trackers }}/{{ trackers.total_trackers }}

VirusTotal Detection:

{{ virus_total.positives }}/{{ virus_total.total }}

{% if app_type not in 'so' %}

















FINDINGS SEVERITY

HIGH MEDIUM INFO SECURE HOTSPOT

{{ appsec.high | length}}

{{ appsec.warning | length}}

{{ appsec.info | length}}

{{ appsec.secure | length}}

{{ appsec.hotspot | length}}

{% endif %}

FILE INFORMATION

File Name:
{{ file_name }}
Size:
{{ size }}
MD5:
{{ md5 }}
SHA1:
{{ sha1 }}
SHA256:
{{ sha256 }}
{% if app_type not in 'so' %}

APP INFORMATION

App Name:
{{ app_name }}
Package Name:
{{ package_name }}
Main Activity:
{{ main_activity }}
Target SDK:
{{ target_sdk }}
Min SDK:
{{ min_sdk }}
Max SDK:
{{ max_sdk }}
Android Version Name:
{{ version_name }}
Android Version Code:
{{ version_code }}
{% endif %} {% if app_type not in 'jar,aar,so' %}

APP COMPONENTS

Activities:
{{ activities | length }}
Services:
{{ services | length }}
Receivers:
{{ receivers | length }}
Providers:
{{ providers | length }}
Exported Activities:
0 %} class="danger" {% endif %}> {{ exported_count.exported_activities }}
Exported Services:
0 %} class="danger" {% endif %}> {{ exported_count.exported_services }}
Exported Receivers:
0 %} class="danger" {% endif %}> {{ exported_count.exported_receivers }}
Exported Providers:
0 %} class="danger" {% endif %}> {{ exported_count.exported_providers }}
{% endif %} {% if app_type not in 'so' %}

CERTIFICATE INFORMATION

{% if certificate_analysis.certificate_info %}

{{ certificate_analysis.certificate_info }}

{% else %} Failed to read Code Signing Certificate or none available. {% endif %} {% endif %} {% if permissions %}

APPLICATION PERMISSIONS

{% for perm,desc in permissions.items %} {% endfor %}
PERMISSION STATUS INFO DESCRIPTION
{{ perm }} {% if desc.status == 'dangerous' %} dangerous {% elif desc.status == 'normal' %} normal {% elif desc.status == 'signatureOrSystem' %} SignatureOrSystem {% elif desc.status == 'signature' %} signature {% elif desc.status == 'unknown' %} unknown {% endif %} {{ desc.info }} {{ desc.description }}
{% endif %} {% if virus_total and virus_total.items|length > 9 and 'request successfully queued' not in virus_total.verbose_msg %}

VIRUSTOTAL SCAN

{{ virus_total.positives }} / {{ virus_total.total }}
  AVs found this file Malicious!

{% if virus_total.positives %} {% for av_name,av_result in virus_total.scans.items %} {% if av_result.detected == True %} {% endif %} {% endfor %}
AV DETECTION
{{ av_name }} {{ av_result.result }}
{% endif %} {% endif %} {% if apkid and app_type not in 'jar,aar'%}

APKID ANALYSIS

{% if apkid %} {% for file, details in apkid.items %} {% endfor %} {% else %}

APKiD not enabled.

{% endif %}
FILE DETAILS
{{file}} {% for detail, idens in details.items %} {% endfor %}
FINDINGS DETAILS
{% if detail == "anti_vm" %} Anti-VM Code {% elif detail == "anti_disassembly" %} Anti Disassembly Code {% elif detail == "anti_debug" %} Anti Debug Code {% elif detail == "compiler" %} Compiler {% elif detail == "abnormal" %} Abnormal Code {% elif detail == "obfuscator" %} Obfuscator {% elif detail == "protector" %} Protector {% elif detail == "packer" %} Packer Found {% elif detail == "dropper" %} Dropper Found {% elif detail == "manipulator" %} Manipulator Found {% else %} {{detail}} {% endif %} {% for idn in idens %} {{ idn }}
{% endfor %}
{% endif %} {% if browsable_activities %}

BROWSABLE ACTIVITIES

{% for activity,intent_details in browsable_activities.items %}
ACTIVITY INTENT
{{activity}} {% if intent_details|key:"schemes" %} Schemes: {% for scheme in intent_details|key:"schemes" %} {{scheme}}, {% endfor %}
{% endif %} {% if intent_details|key:"hosts" %} Hosts: {% for host in intent_details|key:"hosts" %} {{host}}, {% endfor %}
{% endif %} {% if intent_details|key:"ports" %} Ports: {% for port in intent_details|key:"ports" %} {{port}}, {% endfor %}
{% endif %} {% if intent_details|key:"mime_types" %} Mime Types: {% for mime in intent_details|key:"mime_types" %} {{mime}}, {% endfor %}
{% endif %} {% if intent_details|key:"paths" %} Paths: {% for path in intent_details|key:"paths" %} {{path}}, {% endfor %}
{% endif %} {% if intent_details|key:"path_prefixs" %} Path Prefixes: {% for prefix in intent_details|key:"path_prefixs" %} {{prefix}}, {% endfor %}
{% endif %} {% if intent_details|key:"path_patterns" %} Path Patterns: {% for pattern in intent_details|key:"path_patterns" %} {{pattern}}, {% endfor %}
{% endif %} {% endfor %}
{% endif %} {% if app_type not in 'so' %}

NETWORK SECURITY

{% if network_security and 'network_summary' in network_security and network_security.network_summary|length > 0 %} HIGH:
{{ network_security.network_summary.high }}
| WARNING:
{{ network_security.network_summary.warning }}
| INFO:
{{ network_security.network_summary.info }}
| SECURE:
{{ network_security.network_summary.secure }}
{% endif %}
{% if network_security and 'network_findings' in network_security %} {% for item in network_security.network_findings %} {% endfor %} {% endif %}
NO SCOPE SEVERITY DESCRIPTION
{{ forloop.counter }} {% for url in item.scope %} {{ url }}
{% endfor %}
{% if item.severity == "high" %} high {% elif item.severity == "secure" %} secure {% elif item.severity == "info" %} info {% elif item.severity == "warning" %} warning {% endif %} {{item.description }}

CERTIFICATE ANALYSIS

{% if certificate_analysis and 'certificate_summary' in certificate_analysis and certificate_analysis.certificate_summary|length > 0 %} HIGH:
{{ certificate_analysis.certificate_summary.high }}
| WARNING:
{{ certificate_analysis.certificate_summary.warning }}
| INFO:
{{ certificate_analysis.certificate_summary.info }}
{% endif %}
{% if certificate_analysis and 'certificate_findings' in certificate_analysis %} {% for find in certificate_analysis.certificate_findings %} {% endfor %} {% endif %}
TITLE SEVERITY DESCRIPTION
{{ find.2 }} {% if find.0 == 'high' %} high {% elif find.0 == 'secure' %} secure {% elif find.0 == 'warning' %} warning {% elif find.0 == 'info' %} info {% endif %} {{ find.1 }}

MANIFEST ANALYSIS

{% if manifest_analysis and 'manifest_summary' in manifest_analysis and manifest_analysis.manifest_summary|length > 0 %} HIGH:
{{ manifest_analysis.manifest_summary.high }}
| WARNING:
{{ manifest_analysis.manifest_summary.warning }}
| INFO:
{{ manifest_analysis.manifest_summary.info }}
| SUPPRESSED:
{{ manifest_analysis.manifest_summary.suppressed }}
{% endif %}
{% if manifest_analysis and 'manifest_findings' in manifest_analysis %} {% for item in manifest_analysis.manifest_findings %} {% endfor %} {% endif %}
NO ISSUE SEVERITY DESCRIPTION
{{ forloop.counter }} {{item|key:"title" | safe}} {% if item|key:"severity" == "high" %} high {% elif item|key:"severity" == "info" %} info {% elif item|key:"severity" == "warning" %} warning {% endif %} {{item|key:"description"}}

CODE ANALYSIS

{% if code_analysis and 'summary' in code_analysis and code_analysis.summary|length > 0 %} HIGH:
{{ code_analysis.summary.high }}
| WARNING:
{{ code_analysis.summary.warning }}
| INFO:
{{ code_analysis.summary.info }}
| SECURE:
{{ code_analysis.summary.secure }}
| SUPPRESSED:
{{ code_analysis.summary.suppressed }}
{% endif %}
{% if code_analysis and 'findings' in code_analysis %} {% for rule, details in code_analysis.findings.items %} {% endfor %} {% endif %}
NO ISSUE SEVERITY STANDARDS FILES
{{ forloop.counter }} {% if details.metadata|key:"ref" %} {{ details.metadata.description }} {% else %} {{ details.metadata.description }} {% endif %} {% if details.metadata.severity == "high" %} high {% elif details.metadata.severity == "good" %} secure {% elif details.metadata.severity == "warning" %} warning {% elif details.metadata.severity == "info" %} info {% endif %} {% if average_cvss %} CVSS V2: {{ details.metadata.cvss }} {% if details.metadata.cvss > 6 %} (high) {% elif details.metadata.cvss == 0 %} (info) {% elif details.metadata.cvss >= 4 %} (medium) {% elif details.metadata.cvss < 4 %} (low) {% endif %}
{% endif %} {% if details.metadata.cwe %}CWE: {{ details.metadata.cwe }}{% endif %} {% if details.metadata|key:"owasp-mobile" %}
OWASP Top 10: {{ details.metadata|key:"owasp-mobile" }}{% endif %} {% if details.metadata.masvs %}
OWASP MASVS: {{ details.metadata.masvs }}{% endif %}
{% for file_path in details.files %} {{ file_path }}
{% endfor %}
{% endif %} {% if binary_analysis %}

SHARED LIBRARY BINARY ANALYSIS

{% if not binary_analysis %} No Shared Objects found. {% endif %} {% for so in binary_analysis %} {% endfor %}
NO SHARED OBJECT NX STACK CANARY RELRO RPATH RUNPATH FORTIFY SYMBOLS STRIPPED
{{ forloop.counter }} {{so.name | relative_path}} {{so.nx.is_nx}}
{{so.nx.severity}}
{{so.nx.description}}
{{so.stack_canary.has_canary}}
{{so.stack_canary.severity}}
{{so.stack_canary.description}}
{{so.relocation_readonly.relro}}
{{so.relocation_readonly.severity}}
{{so.relocation_readonly.description}}
{{so.rpath.rpath}}
{{so.rpath.severity}}
{{so.rpath.description}}
{{so.runpath.runpath}}
{{so.runpath.severity}}
{{so.runpath.description}}
{{so.fortify.is_fortified}}
{{so.fortify.severity}}
{{so.fortify.description}}
{{so.symbol.is_stripped}}
{{so.symbol.severity}}
{{so.symbol.description}}
{% endif %} {% if app_type not in 'so' %}

NIAP ANALYSIS v1.3

{% for iden, details in niap_analysis.items %} {% endfor %}
NO IDENTIFIER REQUIREMENT FEATURE DESCRIPTION
{{ forloop.counter }} {{ iden }} {{ details.class }} {{ details.description }} {{ details.choice }}
{% endif %} {% if malware_permissions %}

ABUSED PERMISSIONS

TYPE MATCHES PERMISSIONS
Malware Permissions {{ malware_permissions.top_malware_permissions | length}}/{{malware_permissions.total_malware_permissions}} {{ malware_permissions.top_malware_permissions | join:", "}}
Other Common Permissions {{ malware_permissions.other_abused_permissions | length}}/{{malware_permissions.total_other_permissions}} {{ malware_permissions.other_abused_permissions | join:", "}}

Malware Permissions:

Top permissions that are widely abused by known malware.

Other Common Permissions:

Permissions that are commonly abused by known malware.

{% endif %} {% if domains %}

OFAC SANCTIONED COUNTRIES

This app may communicate with the following OFAC sanctioned list of countries.

{% for domain, details in domains.items %} {% if details|key:"ofac" == True %} {% endif %} {% endfor %}
DOMAIN COUNTRY/REGION
{{domain}} IP: {{details|key:"geolocation"|key:"ip"}}
Country: {{details|key:"geolocation"|key:"country_long"}}
Region: {{details|key:"geolocation"|key:"region"}}
City: {{details|key:"geolocation"|key:"city"}}

DOMAIN MALWARE CHECK

{% for domain, details in domains.items %} {% endfor %}
DOMAIN STATUS GEOLOCATION
{{domain}} {% if details|key:"bad" == "yes" %} malware
URL:
{{details|key:"domain_or_url"}}
IP:
{{details|key:"ip"}}
Description:
{{details|key:"desc"}} {% else %} ok
{% endif %}
{% if details|key:"geolocation" %}
IP:
{{details|key:"geolocation"|key:"ip"}}
Country:
{{details|key:"geolocation"|key:"country_long"}}
Region:
{{details|key:"geolocation"|key:"region"}}
City:
{{details|key:"geolocation"|key:"city"}}
Latitude:
{{details|key:"geolocation"|key:"latitude"}}
Longitude:
{{details|key:"geolocation"|key:"longitude"}}
View:
Google Map {% else %} No Geolocation information available. {% endif %}
{% endif %} {% if app_type in 'so' %} {% if urls %}

URLS

{% for urldict in urls %} {% endfor %}
URL FILE
{% for u in urldict|key:"urls" %} {{ u }}
{% endfor %}
{{urldict|key:"path"}}
{% endif %} {% endif %} {% if firebase_urls %}

FIREBASE DATABASES

{% for item in firebase_urls %} {% endfor %}
FIREBASE URL DETAILS
{{ item.url }} {% if item.open %} high
Firebase DB is exposed publicly. {% else %} info
App talks to a Firebase Database. {% endif %}
{% endif %} {% if emails %}

EMAILS

{% for email_dict in emails %} {% endfor %}
EMAIL FILE
{% for em in email_dict|key:"emails" %} {{ em }}
{% endfor %}
{{email_dict|key:"path"}}
{% endif %} {% if trackers|key:"trackers" %}

TRACKERS

{% for trk in trackers|key:"trackers" %} {% endfor %}
TRACKER CATEGORIES URL
{{trk.name}} {{trk.categories}} {{trk.url}}
{% endif %} {% if secrets %}

HARDCODED SECRETS

{% for sec in secrets %} {% endfor %}
POSSIBLE SECRETS
{{ sec }}
{% endif %} {% if app_type in 'so' %}

SYMBOLS

{% for val in file_analysis %} {% endfor %}
{{ val }}
{% endif %} {% if not playstore_details.error %}

PLAYSTORE INFORMATION

Title:
{{ playstore_details.title }}

Score:
{{ playstore_details.score}}
Installs:
{{ playstore_details.installs }}
Price:
{{ playstore_details.price }}
Android Version Support:
{{ playstore_details.androidVersionText }}
Category:
{{ playstore_details.genre }}
Play Store URL:
{{ package_name }}

Developer Details:
{{playstore_details.developer}}, {{playstore_details.developerId}}, {{playstore_details.developerAddress }}, {{playstore_details.developerWebsite}}, {{playstore_details.developerEmail}},

Release Date:
{{ playstore_details.released }}
Privacy Policy:
Privacy link

Description:

{{ playstore_details.description }}

{% endif %}


Report Generated by - MobSF {{ version }}

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

© {% now "Y" %} Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.

{% endblock %}