forked from MobSF/Mobile-Security-Framework-MobSF
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[pull] master from MobSF:master #383
Open
pull
wants to merge
231
commits into
security-geeks:master
Choose a base branch
from
MobSF:master
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@pavelkrcma * Added new rules to Android APIs and Rules YAML config files.
* added HEALTHCHECK
Landscape-oriented pages make the results more legible in the generated PDF Co-authored-by: Ajin Abraham <ajin25@gmail.com>
Add extra_hosts to support resolution of host.docker.internal for healthcheck https://medium.com/@TimvanBaarsen/how-to-connect-to-the-docker-host-from-inside-a-docker-container-112b4c71bc66
Fix non-working PATH environment variable in Dockerfile (#1840)
* update apktool to 2.6.0 * update frida to 15.1.6 Co-authored-by: Ajin Abraham <ajin25@gmail.com>
* Add --no-cache-dir to pip install * Add --no-cache-dir to pip install in install_java_wkhtmltopdf.sh
* update apktool to 2.6.0
#1812) * Run service as unprivileged user * Update Dockerfile Co-authored-by: superpoussin22 <vincent.nadal@orange.fr> Co-authored-by: Ajin Abraham <ajin25@gmail.com>
This change to the setup.sh adds the wheel package which is necessary for correct installation of some packages such as Frida on linux installations. Co-authored-by: Ajin Abraham <ajin25@gmail.com>
* Py deps update and QA * lint fix
* Modify cert_analysis - Janus Updated the Janus Vulnerability to reflect the difference cases. Co-authored-by: Th30 <theo.dm@gmail.com>
* Initial commit - Activity launcher * Fixed broken OpenSSL link * Various fixes to activity launcher * disable dynamic report button when does not exist * Small fixes after CR * QA * the setting ACTIVITY_TESTER_SLEEP is not available for old users * QA + REST API Co-authored-by: matan.dobr <matan.dobr@otorio.com>
Co-authored-by: Ajin Abraham <ajin25@gmail.com>
Co-authored-by: Ajin Abraham <ajinabraham@C-C02G30P9MD6R.chime.local>
* Upgrade Quark Version * suppress unnecessary print() * suppress androguard warnings * fix wkhtmltopdf in windows * Remove version string Co-authored-by: Haeter <3461569+haeter525@users.noreply.github.com> Co-authored-by: Haeter <3461569+haeter525@users.noreply.github.com> Co-authored-by: Ajin Abraham <ajin25@gmail.com>
* MobSF Application Security Score Card * Scorecard API * Improved App Security Scoring Mechanism * Improved PDF Report * Disable CVSSv2 by default. * For application security use case, use severity levels High, Warning, Low and Secure across all components applicable. * Non blocking upload flow. * Fixes #1885
…echnologies (#2373) Address: GHSA-wpff-wm84-x5cx
Authentication and Authorization (`Maintainer` , Viewer`) support in MobSF * Basic User Management * Bug Fixes in Runtime Executable Tampering * Ratelimiting support for login endpoint * Disable AuthZ/AuthN for REST API and also via ENV VAR `MOBSF_DISABLE_AUTHENTICATION=1` * Bug Fix #2285 * Bug Fix Icon Analysis Nonetype * Update SSRF Filter * Dependency Bump * Beta to Stable release from V4 * Runs with DEBUG=False * New home screen UI
* Add support for SSO with SAML2.0 * Bump Deps * Docs Updated * Bump MobSF version
* Added support for proxy setup and custom SP host
* QA * Add new android rule setAllow*FromFileURLs * android root bypass and debugger bypass scripts improvements * Dockerfile qa * prevent entrypoint exit if username already exists
…c Analyzer (#2402) * iOS Dynamic Analyzer String Compare Frida script improvement * Android Dynamic Analyzer Deeplink UI trigger support * Android & iOS Dynamic Analyzer UI Improvements * Android & iOS Dynamic Analyzer Bug fixes
* Fixes GHSA-4hh3-vj32-gr6j * update SECURITY.md * update dependencies
* Check for internet before attempting to download APK
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )