Dynamic Analysis Using MobSF

Why

MobSF has the ability to aid us in performing runtime analysis of Android applications.

What

To perform runtime analysis of an android app, the analyst must take following steps:

• Configure MobSF for dynamic analysis of android apps
• Perform runtime analysis with MobSF
• Know the features provided as part of runtime analysis using MobSF

How

1. Configure Static Analyzer

    $ git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
    $ cd Mobile-Security-Framework-MobSF
    $ sudo pip3 install virtualenv
    $ sudo source venv/bin/activate
    $ pip install -r requirements.txt
    $ python3 manage.py runserver
   

   Alternatively, start MobSF as a docker container:

    $ docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest
   

2. Download MobSF Android x86 4.4.2 VM (v0.3) ova file from https://drive.google.com/file/d/0B_Ci-1YbMqshY0xrYl9IWHVTVFU/view
3. Start the MobSF Android VM.
4. Configure Dynamic Analyzer as explained in following link: https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/11.-Configuring-Dynamic-Analyzer-with-MobSF-Android-4.4.2-x86-VirtualBox-VM
5. Run MobSF and navigate to http://localhost:8000/ to access MobSF web interface.
6. Choose an APK file for dynamic analysis.

7. Click on Start Dynamic Analysis option in the left navigation menu.

   

8. Click on Create Environment button.

   

9. Once the environment is created successfully, you can start dynamic analysis of the target application. Explore the different options provided by the MobSF framework for dynamic analysis.

   

References

• https://kalilinuxtutorials.com/mobsf-mobile-security-framework/
• https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-documentation
• http://abhi7435thakur.blogspot.com/2017/11/security-testing.html