Status: Under Development (Not Tested)
This tool is currently in the development stage and has not undergone thorough testing. It is not recommended for production use at this time.
The Mobile Vulnerability Scanner is designed to automate the scanning of mobile applications for common security vulnerabilities. It uses AI-driven analysis to provide insights and suggested remediation steps, making it easier for penetration testers to assess and secure mobile apps.
- Static Analysis: Scans APK/IPA files for hardcoded secrets, insecure permissions, and more.
- Dynamic Analysis: Monitors runtime behavior and detects insecure data transmissions.
- API Testing: Tests API endpoints for vulnerabilities like weak authentication and data leaks.
- Automated Reporting: Generates detailed reports of identified vulnerabilities.
We are actively seeking help from the community to test and validate this tool. Your feedback and contributions are invaluable in making this project reliable and robust. If you have experience in mobile security testing or want to contribute, please consider helping with the following:
- Run the Tool: Download and run the tool on various APK/IPA files, especially those with known vulnerabilities.
- Report Bugs: If you encounter any issues, please open an issue on GitHub with detailed steps to reproduce the problem.
- Suggest Improvements: We welcome suggestions on how to improve the tool’s functionality or performance.
- Contribute Tests: Add automated tests for core features to help ensure the tool works as expected. You can find our current test scripts in the
testsdirectory. - Provide Feedback: Let us know what worked well and what didn't. Your feedback helps guide our development efforts.
Clone the Repository:
git clone https://github.com/4xyy/Mobile-Penetration-Testing-Tool.git
cd Mobile-Penetration-Testing-Tool
python3 -m venv .venv
source .venv/bin/activate # On Windows use: .venv\Scripts\activate
pip install -r requirements.txt
python main.py