mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
☆740Jan 31, 2026Updated last month
Alternatives and similar repositories for mobsfscan
Users that are interested in mobsfscan are comparing it to the libraries listed below
Sorting:
- Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and …☆20,479Feb 3, 2026Updated 3 weeks ago
- httptools helps you to capture, repeat and live intercept HTTP requests with scripting capabilities. It is built on top of mitmproxy☆83Aug 31, 2025Updated 6 months ago
- MobSF Documentation☆40Sep 30, 2025Updated 5 months ago
- Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime☆2,973Updated this week
- A security focused static analysis tool for Android and Java applications.☆1,214Feb 20, 2026Updated last week
- A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.☆319Nov 12, 2025Updated 3 months ago
- A simple script to patch smali file to include a Fake Security Provider at 1 for Android Apps☆18Jan 19, 2021Updated 5 years ago
- Mobile Edge-Dynamic Unified Security Analysis☆2,183Updated this week
- The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse enginee…☆12,736Updated this week
- Oversecured Vulnerable Android App☆733Jul 18, 2024Updated last year
- An Intentionally designed Vulnerable Android Application built in Kotlin.☆256Mar 2, 2022Updated 3 years ago
- Generic SAST Library☆135Jun 17, 2025Updated 8 months ago
- A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.☆741Jun 25, 2021Updated 4 years ago
- ☆436Jun 1, 2021Updated 4 years ago
- Property extractor for Android apps☆311Mar 24, 2025Updated 11 months ago
- Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android☆2,419Jan 29, 2026Updated last month
- The Leading Security Assessment Framework for Android.☆4,456Jan 29, 2026Updated last month
- 📱 objection - runtime mobile exploration☆8,902Jan 27, 2026Updated last month
- A tool to automate the boring process of APK recon☆345Sep 30, 2022Updated 3 years ago
- Scanning APK file for URIs, endpoints & secrets.☆5,974Aug 20, 2025Updated 6 months ago
- The new bridge between Burp Suite and Frida!☆1,850Oct 30, 2025Updated 4 months ago
- Tool to look for several security related Android application vulnerabilities☆3,355Jan 16, 2024Updated 2 years ago
- APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is int…☆954Jan 17, 2025Updated last year
- [Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes…☆1,122Feb 2, 2023Updated 3 years ago
- Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code☆66Sep 18, 2021Updated 4 years ago
- ☆96Dec 25, 2021Updated 4 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 9 months ago
- The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.☆2,338Dec 22, 2025Updated 2 months ago
- iOS platform security & anti-tampering Swift library☆2,629Dec 7, 2025Updated 2 months ago
- ☆1,644Feb 20, 2026Updated last week
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆5,150Feb 8, 2024Updated 2 years ago
- Contextual Content Discovery Tool☆3,096Apr 29, 2024Updated last year
- Extract endpoints from APK files☆882May 22, 2024Updated last year
- Reverse engineering and pentesting for Android applications☆5,968Jan 12, 2026Updated last month
- Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security e…☆1,061Mar 29, 2024Updated last year
- A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.☆1,459Jun 3, 2021Updated 4 years ago
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆4,851Updated this week
- A universal memory dumper using Frida☆837Aug 7, 2024Updated last year
- OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS☆450Dec 29, 2025Updated 2 months ago