App

PicACG [2.2.1.3.3.4] for Android Mobile App Scan

 

Mobile App Security Test

Free online security tool to test your security
  • iOS/Android Security Test
  • Mobile App Privacy Check
  • OWASP Mobile Top 10 Test
  • Static & Dynamic Mobile Scan

Free online security tool to test your security

500,412applications tested

Bạn đang xem: PicACG [2.2.1.3.3.4] for Android Mobile App Scan

Please enable JavaScript in your browser in order to use this page

 

How-To Test

Below are simple instructions on how to use Mobile App Security Test for your Android and IOS applications.

Android Applications

All you need is a valid APK archive for the application. APK’s can either be compiled from the application source code, or, if already in Google Play market, downloaded via

F-Droid or androidappsapk.co.

Please follow the steps below to test Android APK:

  • Click on “Choose file” button and select the APK, file upload will start immediately.
  • Once uploaded, the test will take approximately ten minutes, depending on application size and complexity, as well as our current system load.
  • Once the test is finished, you will be provided with a detailed report. The report is located on a secret link available only to you. The report is stored for your convenience for 90 days and then automatically deleted. You can delete the report yourself just after the test.

iOS Applications

All you need is a valid IPA archive for the application compiled as a Simulator App (see below).

Please follow the steps below to test iOS IPA:

  • Click on “Choose file” button and select the IPA, file upload will start immediately.
  • Once uploaded, the test will take approximately ten minutes, depending on application size and complexity, as well as our current system load.
  • Once the test is finished, you will be provided with a detailed report. The report is located on a secret link available only to you. The report is stored for your convenience for 90 days and then automatically deleted. You can delete the report yourself just after the test.

How to compile your iOS app as a Simulator App:

1. Run XCode and open your project;
2. Right-click your Project Name and select “Show in Finder.”;
3. Right-click YourProject.xcodeproj and navigate to “Open With > Terminal”;
4. Run “cd ..” – your current working directory is now your project’s main directory;
5. Determine which iPhone Simulator you can build to by running “xcodebuild -showsdks”;
6. Build your app with the “xcodebuild -arch x86_64 -sdk iphonesimulator{version}” command;
7. Go to build/Release-iphonesimulator and zip file YourProject.app;

Xem thêm: Top 31 Most Accurate Football Prediction Sites (2022 Updated)

ImmuniWeb Community Edition – Mobile App Security Test

The Mobile App Security Test is a free online tool to perform security and privacy tests of Android and iOS mobile apps:

The service can test mobile applications for the following platforms:

  • Android
  • Native Applications
  • Hybrid Applications (Cordova, PhoneGap, React, Xamarin)
  • iOS
  • Native Applications
  • Hybrid Applications (Cordova, PhoneGap, React, Xamarin)

It promptly detects the wide spectrum of most common weaknesses and vulnerabilities, including

OWASP Mobile Top 10

, and provides a user-friendly report with the discovered issues.

We provide the following automated tests of the mobile application:

  • Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST)
  • Behavior Testing for malicious functionality and privacy
  • Software Composition Analysis
  • Mobile Application Outgoing Traffic
  • External Communications and Outgoing Traffic

Please note, that the most dangerous vulnerabilities usually reside in the mobile back end (i.e. Web Services and APIs) and not in the application. Therefore, to complement your mobile security testing we strongly encourage you to thoroughly test the backend via

ImmuniWeb® MobileSuite

.

SAST

Mobile App Security Test performs Static Application Security Testing (SAST) to detect the following weaknesses and vulnerabilities:

    DAST

    Mobile App Security Test performs Dynamic Application Security Testing (DAST) to detect the following weaknesses and vulnerabilities:

      Behavioral

      Mobile App Security Test performs behavioral testing to detect when mobile application tries to access some sensitive or privacy-related functions:

          Software Composition Analysis

          The mobile application uses third-party libraries that may represent a security and privacy risk if they come from untrusted source or are outdated. Trusted and commonly accepted libraries (e.g. Google SDK, Facebook SDK, Signal SDK) are not displayed.

          Xem thêm: YouTube Vanced Apk v17.03.38 Latest by Vanced

          External Communications and Outgoing Traffic

          Specific SAST test reveals all remote hosts present in the source code of the mobile application where the application may connect to send or receive data at occurrence of a specific event (e.g. user action).

          Mobile Application Outgoing Traffic

          Specific DAST test provides a comprehensive list of all HTTP/S requests sent by the mobile application without interaction with user.

          Free API

          ImmuniWeb Community Edition provides a free API for the Mobile App Security Test. It shares the number of tests performed via web interface:

          Account type Tests per day Monthly subscription
          No Account 2 Free
          Free Account 4 Free

          Premium API

          ImmuniWeb Community Edition also provide a premium API for a higher number of tests via API or web interface:

          Select package Tests per day Monthly subscription
          10 $299
          25 $699
          100 $2795
          250 $7295

          ?

          The number of API requests will be available via web interface under your account

           

          ?

          The number of API requests will be shared among all users with the same domain name as your account

           

          Total: $4395

          Get in touch for details.

          Public schools, local governments and non-for-profit organizations may request a free access to the premium API.

          Xem thêm: How to download and play the Clash Mini beta

          API Documentation

          Full API Documentation

          API Specifications

          Field Name Value
          Protocol HTTP/HTTPS
          Request Type GET/POST
          URL https://www.immuniweb.com/mobile/api/

          Example of Transaction Using CURL

          # Downloading app from Google Play and starting test

          curl -d app_id=com.viber.voip&store_id=googleplay https://www.immuniweb.com/mobile/api/download_apk

          # Uploading APK/IPA file and starting test

          curl -F malware_check=0-Fhide_in_statistics=0-Ffile=@diva-beta.apk https://www.immuniweb.com/mobile/api/upload

          # Get test results

          curl https://www.immuniweb.com/mobile/api/test_info/id/TEST_ID

          # Delete test (possible only for manually uploaded APK/IPA files)

          curl https://www.immuniweb.com/mobile/api/delete/id/TEST_ID

          # Refresh test by redownloading (possible only for APKs downloaded from Google Play)

          curl https://www.immuniweb.com/mobile/api/refresh/id/TEST_ID

          Example of Server Response

          
          

          Command Line Toolkit

          Simple CLI interface to leverage ImmuniWeb® Community Edition free tools in CI/CD pipelines and DevOps.

          Install

          Download utilities from

          GitHub

          or use git:

          git clone https://github.com/immuniweb/iwtools.git” && cd iwtools/iwtools

          Install third-party python libraries:

          • termcolor
          • colorama
          • requests

          Usage

          Audit your iOS or Android apps for OWASP Mobile Top 10 and other vulnerabilities:

          Test application from market:

          ./iwtools.py mobile https://play.google.com/store/apps/details/?id=com.example.app

          Test hosted application:

          ./iwtools.py mobile https://example.com/app.apk

          Upload and test application:

          ./iwtools.py mobile /home/user/app.apk

          Get raw API response in JSON format:

          ./iwtools.py mobile –format raw_json /home/user/app.apk

           

          Check other command line options here.

          Latest Tested Mobile Applications

          Chuyên mục: App

           

          Related Articles

          Leave a Reply

          Your email address will not be published.

          Back to top button
          444 live app 444 live 444 live app 444live kisslive kiss live yy live yylive