https://github.com/4xyy/mobile-penetration-testing-tool

AI-Powered Mobile Application Penetration Testing Tool
https://github.com/4xyy/mobile-penetration-testing-tool

ai-security android api-security apk-analysis cybersecurity dynamic-analysis ethical-hacking frida ios ipa-analysis jadx mobile-app-security mobile-security network-monitoring penetration-testing security-research security-testing security-tool static-analysis vulnerability-scanner

Last synced: 5 months ago
JSON representation

AI-Powered Mobile Application Penetration Testing Tool

• Host: GitHub
• URL: https://github.com/4xyy/mobile-penetration-testing-tool
• Owner: 4xyy
• Created: 2024-09-15T15:43:10.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-09-17T04:00:01.000Z (over 1 year ago)
• Last Synced: 2025-01-08T01:36:12.958Z (over 1 year ago)
• Topics: ai-security, android, api-security, apk-analysis, cybersecurity, dynamic-analysis, ethical-hacking, frida, ios, ipa-analysis, jadx, mobile-app-security, mobile-security, network-monitoring, penetration-testing, security-research, security-testing, security-tool, static-analysis, vulnerability-scanner
• Language: Python
• Homepage:
• Size: 3.77 MB
• Stars: 2
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.MD

Awesome Lists containing this project

README

          
# Mobile Vulnerability Scanner

**Status: Under Development (Not Tested)**

This tool is currently in the development stage and has not undergone thorough testing. It is not recommended for production use at this time. 

## Overview

The Mobile Vulnerability Scanner is designed to automate the scanning of mobile applications for common security vulnerabilities. It uses AI-driven analysis to provide insights and suggested remediation steps, making it easier for penetration testers to assess and secure mobile apps.

## Current Features

- **Static Analysis:** Scans APK/IPA files for hardcoded secrets, insecure permissions, and more.

- **Dynamic Analysis:** Monitors runtime behavior and detects insecure data transmissions.

- **API Testing:** Tests API endpoints for vulnerabilities like weak authentication and data leaks.

- **Automated Reporting:** Generates detailed reports of identified vulnerabilities.

## 🚨 **Help Wanted: Testing Needed!** 🚨

We are actively seeking help from the community to test and validate this tool. Your feedback and contributions are invaluable in making this project reliable and robust. If you have experience in mobile security testing or want to contribute, please consider helping with the following:

### **How You Can Help:**

1. **Run the Tool:** Download and run the tool on various APK/IPA files, especially those with known vulnerabilities.

2. **Report Bugs:** If you encounter any issues, please open an issue on GitHub with detailed steps to reproduce the problem.

3. **Suggest Improvements:** We welcome suggestions on how to improve the tool’s functionality or performance.

4. **Contribute Tests:** Add automated tests for core features to help ensure the tool works as expected. You can find our current test scripts in the `tests` directory.

5. **Provide Feedback:** Let us know what worked well and what didn't. Your feedback helps guide our development efforts.

### **Getting Started with Testing:**

 **Clone the Repository:**

   ```bash

 git clone https://github.com/4xyy/Mobile-Penetration-Testing-Tool.git

 cd Mobile-Penetration-Testing-Tool

 python3 -m venv .venv 

source .venv/bin/activate # On Windows use: .venv\Scripts\activate 

pip install -r requirements.txt

python main.py