{% extends "base/base_layout.html" %} {% load static %} {% block sidebar_option %} sidebar-mini {% endblock %} {% block extra_css %} {% endblock %} {% block sidebar %} {% endblock %} {% block content %}

APP SCORES

{% comment %}
  Score tiles at the top of the static analysis report.
  Django's "in" against a string literal is a substring test, so the
  app_type checks in this template (against 'so' and 'jar,aar,so') match any
  value that occurs inside the literal, including the empty string.
  NOTE(review): this assumes the view always passes a complete, known
  app_type - confirm, or compare against explicit values.
  Both tracker branches and both VirusTotal branches print the same text in
  this view; presumably they differ only in markup that is not shown here.
  The VirusTotal tile needs more than 9 entries in virus_total, while the
  VIRUSTOTAL SCAN section further down treats fewer than 9 as a status
  message. A response with exactly 9 entries therefore gets the result branch
  there but no tile here. NOTE(review): align the two thresholds.
{% endcomment %}
{% if app_type not in 'so' %}

{% if average_cvss %} Average CVSS {{ average_cvss }}
{% endif %} Security Score {{ appsec.security_score }}/100
{% endif %} {% if trackers.detected_trackers > 0 %} Trackers Detection {{ trackers.detected_trackers }}/{{ trackers.total_trackers }}
{% else %} Trackers Detection {{ trackers.detected_trackers }}/{{ trackers.total_trackers }}
{% endif %} {% if virus_total and virus_total.items|length > 9 %} {% if virus_total.positives > 0 %} VirusTotal Detection {{ virus_total.positives }}/{{ virus_total.total }}
{% else %} VirusTotal Detection {{ virus_total.positives }}/{{ virus_total.total }}
{% endif %} {% endif %}

{% if app_type not in 'so' %}

MobSF Scorecard

{% endif %}

FILE INFORMATION

File Name {{ file_name }}
Size {{ size }}
MD5 {{ md5 }}
SHA1 {{ sha1 }}
SHA256 {{ sha256 }}
{% if app_type not in 'jar,aar,so' %}

APP INFORMATION

App Name {{ app_name }}
Package Name {{ package_name }}
Main Activity {{ main_activity }}
Target SDK {{ target_sdk }} Min SDK {{ min_sdk }} Max SDK {{ max_sdk }}
Android Version Name {{ version_name }} Android Version Code {{ version_code }}
{% endif %}
{% comment %}
  Play Store metadata, rendered only when playstore_details.error is falsy.
  Every field below is text taken from the store listing, so it is
  third-party input. No "safe" filter is applied in this section, so the
  values go through auto-escaping (assuming the base layout does not switch
  auto-escaping off).
  NOTE(review): the link markup for Play Store URL, Developer Website and
  Privacy link is not visible in this view. If those values end up in href
  attributes, HTML escaping does not constrain the URL scheme - confirm they
  are limited to http(s) where the listing data is fetched.
{% endcomment %}
{% if not playstore_details.error %}

PLAYSTORE INFORMATION

Title {{ playstore_details.title }}
Score {{ playstore_details.score}} Installs {{ playstore_details.installs }} Price {{ playstore_details.price }} Android Version Support {{ playstore_details.androidVersionText }} Category {{ playstore_details.genre }} Play Store URL {{ package_name }}
Developer {{playstore_details.developer}}, Developer ID {{playstore_details.developerId}}
Developer Address {{playstore_details.developerAddress}}
Developer Website {{playstore_details.developerWebsite}}
Developer Email {{playstore_details.developerEmail}}
Release Date {{ playstore_details.released }} Privacy Policy Privacy link
Description
{{ playstore_details.description }}
{% endif %}
{% if app_type not in 'jar,aar,so' %}

{{ activities | length }}

ACTIVITIES

View

{{ services | length }}

SERVICES

View

{{ receivers | length }}

RECEIVERS

View

{{ providers | length }}

PROVIDERS

View
Exported
Activities
{{ exported_count.exported_activities }}
Exported
Services
{{ exported_count.exported_services }}
Exported
Receivers
{{ exported_count.exported_receivers }}
Exported
Providers
{{exported_count.exported_providers}}
{% endif %}

SCAN OPTIONS

Rescan {% if app_type in 'so' %} Download {{ app_type | upper}} {% endif %} {% if app_type not in 'so' %} Manage Suppressions {% endif %}

{% if app_type not in 'jar,aar,so' %}

Start Dynamic Analysis

{% endif %}
{% if app_type not in 'so' %}

DECOMPILED CODE

{% if app_type not in 'jar' %} View AndroidManifest.xml {% endif %} View Source {% if app_type not in 'jar,aar' %} View Smali {% endif %}

Download Java Code {% if app_type not in 'jar,aar' %} Download Smali Code {% endif %} Download {{ app_type | upper}}

{% endif %}
{% if app_type not in 'so' %}

SIGNER CERTIFICATE

{% if certificate_analysis %}
{{ certificate_analysis.certificate_info }}
{% else %} Failed to read Code Signing Certificate. {% endif %}

APPLICATION PERMISSIONS

{% for perm,desc in permissions.items %} {% endfor %}
PERMISSION STATUS INFO DESCRIPTION CODE MAPPINGS
{{ perm }} {% if desc.status == 'dangerous' %} dangerous {% elif desc.status == 'normal' %} normal {% elif desc.status == 'signatureOrSystem' %} SignatureOrSystem {% elif desc.status == 'signature' %} signature {% elif desc.status == 'unknown' %} unknown {% endif %} {{ desc.info }} {{ desc.description }} {% if perm in permission_mapping %}
{% for k, v in permission_mapping.items %} {% if k == perm %} {% for file_path, lines in v.items %} {{ file_path }}
{% endfor %} {% endif %} {% endfor %}
{% endif %}

ANDROID API

{% for rule, details in android_api.items %} {% endfor %}
API FILES
{{ details.metadata.description }}
{% for file_path, lines in details.files.items %} {{ file_path }}
{% endfor %}

BROWSABLE ACTIVITIES

{% for activity,intent_details in browsable_activities.items %}
ACTIVITY INTENT
{{activity}} {% if intent_details|key:"schemes" %} Schemes: {% for scheme in intent_details|key:"schemes" %} {{scheme}}, {% endfor %}
{% endif %} {% if intent_details|key:"hosts" %} Hosts: {% for host in intent_details|key:"hosts" %} {{host}}, {% endfor %}
{% endif %} {% if intent_details|key:"ports" %} Ports: {% for port in intent_details|key:"ports" %} {{port}}, {% endfor %}
{% endif %} {% if intent_details|key:"mime_types" %} Mime Types: {% for mime in intent_details|key:"mime_types" %} {{mime}}, {% endfor %}
{% endif %} {% if intent_details|key:"paths" %} Paths: {% for path in intent_details|key:"paths" %} {{path}}, {% endfor %}
{% endif %} {% if intent_details|key:"path_prefixs" %} Path Prefixes: {% for prefix in intent_details|key:"path_prefixs" %} {{prefix}}, {% endfor %}
{% endif %} {% if intent_details|key:"path_patterns" %} Path Patterns: {% for pattern in intent_details|key:"path_patterns" %} {{pattern}}, {% endfor %}
{% endif %} {% endfor %}

NETWORK SECURITY

{% if network_security and 'network_summary' in network_security and network_security.network_summary|length > 0 %}
HIGH
{{ network_security.network_summary.high }}
WARNING
{{ network_security.network_summary.warning }}
INFO
{{ network_security.network_summary.info }}
SECURE
{{ network_security.network_summary.secure }}
{% endif %} {% if network_security and 'network_findings' in network_security %} {% for item in network_security.network_findings %} {% endfor %} {% endif %}
NO SCOPE SEVERITY DESCRIPTION
{{ forloop.counter }} {% for url in item.scope %} {{ url }}
{% endfor %}
{% if item.severity == "high" %} high {% elif item.severity == "secure" %} secure {% elif item.severity == "info" %} info {% elif item.severity == "warning" %} warning {% endif %} {{item.description }}

CERTIFICATE ANALYSIS

{% if certificate_analysis and 'certificate_summary' in certificate_analysis and certificate_analysis.certificate_summary|length > 0 %}
HIGH
{{ certificate_analysis.certificate_summary.high }}
WARNING
{{ certificate_analysis.certificate_summary.warning }}
INFO
{{ certificate_analysis.certificate_summary.info }}
{% endif %} {% if certificate_analysis and 'certificate_findings' in certificate_analysis %} {% for find in certificate_analysis.certificate_findings %} {% endfor %} {% endif %}
TITLE SEVERITY DESCRIPTION
{{ find.2 }} {% if find.0 == 'high' %} high {% elif find.0 == 'secure' %} secure {% elif find.0 == 'warning' %} warning {% elif find.0 == 'info' %} info {% endif %} {{ find.1 }}

MANIFEST ANALYSIS

{% comment %}
  Manifest analysis: severity counters, then one row per finding.
  The counters are shown only when manifest_summary exists and is non-empty.
{% endcomment %}
{% if manifest_analysis and 'manifest_summary' in manifest_analysis and manifest_analysis.manifest_summary|length > 0%}
HIGH
{{ manifest_analysis.manifest_summary.high }}
WARNING
{{ manifest_analysis.manifest_summary.warning }}
INFO
{{ manifest_analysis.manifest_summary.info }}
SUPPRESSED
{{ manifest_analysis.manifest_summary.suppressed }}
{% endif %} {% if manifest_analysis and 'manifest_findings' in manifest_analysis %} {% for item in manifest_analysis.manifest_findings %} {% endfor %} {% endif %}
NO ISSUE SEVERITY DESCRIPTION OPTIONS
{% comment %}
  Finding row.
  NOTE(review): "safe" turns off auto-escaping for the title only; the
  description on the same row is still escaped. If any part of a title is
  built from values read out of the scanned app's manifest (component names,
  for example), it must be HTML-escaped where the title is assembled, because
  nothing in this template will escape it - confirm in the manifest analyzer.
  Only high, info and warning get a severity label; any other severity value
  renders no label.
{% endcomment %}
{{ forloop.counter }} {{item|key:"title" | safe}} {% if item|key:"severity" == "high" %} high {% elif item|key:"severity" == "info" %} info {% elif item|key:"severity" == "warning" %} warning {% endif %} {{item|key:"description"}}

CODE ANALYSIS

{% comment %}
  Code analysis: severity counters, then one row per rule in
  code_analysis.findings. The counters are shown only when
  code_analysis.summary exists and is non-empty.
{% endcomment %}
{% if code_analysis and 'summary' in code_analysis and code_analysis.summary|length > 0 %}
HIGH
{{ code_analysis.summary.high }}
WARNING
{{ code_analysis.summary.warning }}
INFO
{{ code_analysis.summary.info }}
SECURE
{{ code_analysis.summary.secure }}
SUPPRESSED
{{ code_analysis.summary.suppressed }}
{% endif %} {% if code_analysis and 'findings' in code_analysis %} {% for rule, details in code_analysis.findings.items %} {% endfor %} {% endif %}
NO ISSUE SEVERITY STANDARDS FILES OPTIONS
{% comment %}
  Finding row.
  - Both branches of the "ref" check print the description; presumably they
    differ only in link markup that is not visible in this view.
  - A metadata severity of "good" is displayed as "secure".
  - The CVSS label is printed only when average_cvss is truthy. The bands are
    tested in this order: above 6 is high, exactly 0 is info, 4 or more is
    medium, below 4 is low.
    NOTE(review): scores between 6 and 7 are labelled high here, while the
    NVD qualitative ranges for CVSS v2 place 4.0-6.9 in medium - confirm the
    cut-off is intended.
  - CWE, OWASP Top 10 and MASVS references are printed only when present in
    the rule metadata.
  - Both branches of the file-count check (fewer than 4 files, or more) print
    every file path in this view.
{% endcomment %}
{{ forloop.counter }} {% if details.metadata|key:"ref" %} {{ details.metadata.description }} {% else %} {{ details.metadata.description }} {% endif %} {% if details.metadata.severity == "high" %} high {% elif details.metadata.severity == "good" %} secure {% elif details.metadata.severity == "warning" %} warning {% elif details.metadata.severity == "info" %} info {% endif %} {% if average_cvss %} CVSS V2: {{ details.metadata.cvss }} {% if details.metadata.cvss > 6 %} (high) {% elif details.metadata.cvss == 0 %} (info) {% elif details.metadata.cvss >= 4 %} (medium) {% elif details.metadata.cvss < 4 %} (low) {% endif %}
{% endif %} {% if details.metadata.cwe %} CWE: {{ details.metadata.cwe }}{% endif %} {% if details.metadata|key:"owasp-mobile" %}
OWASP Top 10: {{ details.metadata|key:"owasp-mobile" }}{% endif %} {% if details.metadata.masvs %}
OWASP MASVS: {{ details.metadata.masvs }}{% endif %}
{% if details.files|length < 4 %} {% for file_path, lines in details.files.items %} {{ file_path }}
{% endfor %} {% else %}
{% for file_path, lines in details.files.items %} {{ file_path }}
{% endfor %}
{% endif %}
{% endif %}

SHARED LIBRARY BINARY ANALYSIS

{% comment %}
  Shared library hardening table: one row per entry in binary_analysis, or
  the "No Shared Objects found." message when binary_analysis is empty.
  Each row reports seven properties of the object: NX, stack canary, RELRO,
  RPATH, RUNPATH, FORTIFY and stripped symbols. Every property is rendered as
  three values supplied by the analyzer: the raw result, a severity and a
  description.
  NOTE(review): the object name and the rpath/runpath values presumably come
  from the scanned binary itself. No "safe" filter is applied here, so they
  are auto-escaped on output - keep it that way.
{% endcomment %}
{% if app_type not in 'so' %} {% endif %} {% if not binary_analysis %} No Shared Objects found. {% endif %} {% for so in binary_analysis %} {% if app_type not in 'so' %} {% endif %} {% endfor %}
NO SHARED OBJECTNX STACK CANARY RELRO RPATH RUNPATH FORTIFY SYMBOLS STRIPPED
{{ forloop.counter }} {{so.name | relative_path}}
Analyze
{{so.nx.is_nx}}
{{so.nx.severity}}
{{so.nx.description}}
{{so.stack_canary.has_canary}}
{{so.stack_canary.severity}}
{{so.stack_canary.description}}
{{so.relocation_readonly.relro}}
{{so.relocation_readonly.severity}}
{{so.relocation_readonly.description}}
{{so.rpath.rpath}}
{{so.rpath.severity}}
{{so.rpath.description}}
{{so.runpath.runpath}}
{{so.runpath.severity}}
{{so.runpath.description}}
{{so.fortify.is_fortified}}
{{so.fortify.severity}}
{{so.fortify.description}}
{{so.symbol.is_stripped}}
{{so.symbol.severity}}
{{so.symbol.description}}
{% if app_type not in 'so' %}

NIAP ANALYSIS v1.3

{% for iden, details in niap_analysis.items %} {% endfor %}
NO IDENTIFIER REQUIREMENT FEATURE DESCRIPTION
{{ forloop.counter }} {{ iden }} {{ details.class }} {{ details.description }} {{ details.choice }}

FILE ANALYSIS

{% for item in file_analysis %} {% endfor %}
NO ISSUE FILES
{{ forloop.counter }} {{ item|key:"finding" }} {% for cert_f in item|key:"files" %} {{ cert_f }}
{% endfor %}

APKiD ANALYSIS

{% if apkid and app_type not in 'jar,aar'%} {% for file, details in apkid.items %} {% endfor %} {% else %}

APKiD not enabled.

{% endif %}
DEX DETECTIONS
{{file}} {% for detail, idens in details.items %} {% endfor %}
FINDINGS DETAILS
{% if detail == "anti_vm" %} Anti-VM Code {% elif detail == "anti_disassembly" %} Anti Disassembly Code {% elif detail == "anti_debug" %} Anti Debug Code {% elif detail == "compiler" %} Compiler {% elif detail == "abnormal" %} Abnormal Code {% elif detail == "obfuscator" %} Obfuscator {% elif detail == "protector" %} Protector {% elif detail == "packer" %} Packer Found {% elif detail == "dropper" %} Dropper Found {% elif detail == "manipulator" %} Manipulator Found {% else %} {{detail}} {% endif %} {% for idn in idens %} {{ idn }}
{% endfor %}

QUARK ANALYSIS

{% if quark %} {% for item in quark %} {% endfor%} {% endif %}
POTENTIAL MALICIOUS BEHAVIOUR EVIDENCE
{{ item.crime }} {% for api in item.register %} {{api.file}} -> {{api.method}}
{% endfor %}
{% endif %} {% if virus_total %}

VIRUSTOTAL SCAN

{% if virus_total.items|length < 9 %} {% comment %} Basic check to determine if the response is a msg or a result {% endcomment %}
{% comment %}
  Fewer than 9 entries: only verbose_msg is shown. Otherwise the result
  branch prints the positives/total banner and, when positives is above 0,
  the per-engine table.
  NOTE(review): the score tile in APP SCORES requires more than 9 entries for
  the same decision, so a response with exactly 9 entries is treated as a
  result here but gets no tile there. The banner text in the result branch is
  also printed before the positives check, so it appears when positives is 0.
{% endcomment %}

  {{ virus_total.verbose_msg }}

{% else %}

   {{ virus_total.positives }} / {{ virus_total.total }}  AVs found this file Malicious!    Full Report

{% if virus_total.positives > 0 %} {% for av_name,av_result in virus_total.scans.items %} {% if av_result.detected == True %} {% endif %} {% endfor %}
AV DETECTION
{{ av_name }} {{ av_result.result }}
{% endif %}{% comment %} closes: if virus_total.positives > 0 {% endcomment %} {% endif %}{% comment %} closes: status message versus scan result check {% endcomment %}
{% endif %}

ABUSED PERMISSIONS

{% if malware_permissions %}
Top Malware Permissions {{ malware_permissions.top_malware_permissions | length}}/{{malware_permissions.total_malware_permissions}}
{{ malware_permissions.top_malware_permissions | join:", "}}
Other Common Permissions {{ malware_permissions.other_abused_permissions | length}}/{{ malware_permissions.total_other_permissions}}
{{ malware_permissions.other_abused_permissions | join:", "}}

Malware Permissions are the top permissions that are widely abused by known malware.
Other Common Permissions are permissions that are commonly abused by known malware.

{% endif %}

SERVER LOCATIONS

{% if domains %}


This app may communicate with the following OFAC sanctioned list of countries.

{% for domain, details in domains.items %} {% if details|key:"ofac" == True %} {% endif %} {% endfor %}
DOMAIN COUNTRY/REGION
{{domain}} IP: {{details|key:"geolocation"|key:"ip"}}
Country: {{details|key:"geolocation"|key:"country_long"}}
Region: {{details|key:"geolocation"|key:"region"}}
City: {{details|key:"geolocation"|key:"city"}}
{% endif %}

DOMAIN MALWARE CHECK

{% if domains %} {% for domain, details in domains.items %} {% endfor %}
DOMAIN STATUS GEOLOCATION
{{domain}} {% if details|key:"bad" == "yes" %} malware
                      URL: {{details|key:"domain_or_url"}}
                      IP: {{details|key:"ip"}}
                      Description: {{details|key:"desc"}}
                      
{% else %} ok
{% endif %}
{% if details|key:"geolocation" %} IP: {{details|key:"geolocation"|key:"ip"}}
Country: {{details|key:"geolocation"|key:"country_long"}}
Region: {{details|key:"geolocation"|key:"region"}}
City: {{details|key:"geolocation"|key:"city"}}
Latitude: {{details|key:"geolocation"|key:"latitude"}}
Longitude: {{details|key:"geolocation"|key:"longitude"}}
View: Google Map {% else %} No Geolocation information available. {% endif %}
{% endif %}

URLS

{% comment %}
  URL table: each entry of urls pairs a list of URLs with the path of the
  file they were found in.
  NOTE(review): these strings presumably come from the scanned app. No "safe"
  filter is applied, so they are auto-escaped as text. If the markup not
  visible here turns them into links, escaping does not restrict the URL
  scheme - confirm they are either shown as plain text or limited to http(s).
{% endcomment %}
{% if urls %} {% for urldict in urls %} {% endfor %}
URL FILE
{% for u in urldict|key:"urls" %} {{ u }}
{% endfor %}
{{urldict|key:"path"}}
{% endif %}

FIREBASE DATABASE

{% comment %}
  Firebase table: one row per entry in firebase_urls.
  A truthy item.open is reported as a high-severity finding (the database is
  exposed publicly); otherwise the row is informational and only records that
  the app talks to Firebase. How the open flag is determined is decided
  upstream and is not visible in this template.
{% endcomment %}
{% if firebase_urls %} {% for item in firebase_urls %} {% endfor %}
FIREBASE URL DETAILS
{{ item.url }} {% if item.open %} high
Firebase Database is exposed publicly. {% else %} info
App talks to a Firebase database. {% endif %}
{% endif %}

EMAILS

{% if emails %} {% for email_dict in emails %} {% endfor %}
EMAIL FILE
{% for e in email_dict|key:"emails" %} {{ e }}
{% endfor %}
{{email_dict|key:"path"}}
{% endif %}
{% if app_type not in 'so' %}

TRACKERS

{% if trackers %} {% for trk in trackers|key:"trackers" %} {% endfor %}
TRACKER NAME CATEGORIES URL
{{trk.name}} {{trk.categories}} {{trk.url}}
{% endif %}
{% endif %}

POSSIBLE HARDCODED SECRETS

{% comment %}
  Possible hardcoded secrets, delegated to base/list.html with limit=100.
  How the limit is applied and how each entry is escaped is decided inside
  that include, which is not visible here.
  NOTE(review): the entries are values extracted from the scanned app, so the
  rendered report is itself sensitive - confirm that access to this page and
  to any exported copy is restricted to the people who ran the scan.
{% endcomment %}
{% include 'base/list.html' with list=secrets type="secrets" limit=100 %}

STRINGS

{% if app_type not in 'so' %}

From APK Resource

{% include 'base/list.html' with list=strings.strings_apk_res type="strings" limit=100 %}

From Code

{% include 'base/list.html' with list=strings.strings_code type="strings" limit=100 %} {% endif %}

From Shared Objects

{% for key, val in strings.items %} {% if key == 'strings_so' %} {% for ls in val %} {% for k,v in ls.items %}


{{ k }}

{% include 'base/list.html' with list=v type="strings" limit=5 %}
{% endfor %} {% endfor %} {% endif %} {% endfor %}
{% if app_type in 'so' %}

SYMBOLS

{% include 'base/list.html' with list=file_analysis type="symbols" limit=50 %}
{% endif %} {% if app_type not in 'so' %}

ACTIVITIES

{% include 'base/list.html' with list=activities type="activities" limit=50 %}

SERVICES

{% include 'base/list.html' with list=services type="services" limit=50 %}

RECEIVERS

{% include 'base/list.html' with list=receivers type="receivers" limit=50 %}

PROVIDERS

{% include 'base/list.html' with list=providers type="providers" limit=50 %}

LIBRARIES

{% include 'base/list.html' with list=libraries type="libraries" limit=100 %}

FILES

{% include 'base/list.html' with list=files type="files" limit=200 %}
{% endif %}
{% endblock %} {% block extra_scripts %} {% endblock %}