Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/fundacaocerti/mobsf-action

GitHub Actions for MobSF
https://github.com/fundacaocerti/mobsf-action

Last synced: 2 months ago
JSON representation

GitHub Actions for MobSF

Host: GitHub
URL: https://github.com/fundacaocerti/mobsf-action
Owner: fundacaocerti
License: gpl-3.0
Created: 2020-08-10T13:05:42.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2024-04-24T16:49:17.000Z (9 months ago)
Last Synced: 2024-10-31T10:44:17.694Z (3 months ago)
Language: Shell
Size: 32.2 KB
Stars: 25
Watchers: 4
Forks: 23
Open Issues: 8
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - fundacaocerti/mobsf-action - GitHub Actions for MobSF (Shell)

README

# GitHub Actions for MobSF

This Action for [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) enables MobSF analysis actions using the MobSF docker.

## Inputs

* `INPUT_FILE_NAME` - **Required** - The input fila path to be analysed
* `SCAN_TYPE` - **Required** - the scan type: apk, zip, ipa, or appx
* `OUTPUT_FILE_NAME` - **Required** - the output file path (will output two files, the first with extension .json and the second .pdf)

## Example

To build a Flutter project with MobSF Analysis:

```yaml
name: Build and Deploy
on:
push:
branches:
- master

jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@master

- name: Set-up Java
uses: actions/setup-java@v1
with:
java-version: '12.x'

- name: Set-up Flutter
uses: subosito/flutter-action@v1
with:
flutter-version: '1.9.1+hotfix.6'

- name: Flutter Install Dependencies
- run: flutter pub get

- name: Flutter Test
run: flutter test

- name: Flutter Build
run: flutter build apk

- name: Run MobSF Analysis
uses: fundacaocerti/[email protected]
env:
INPUT_FILE_NAME: build/app/outputs/apk/app.apk
SCAN_TYPE: apk
OUTPUT_FILE_NAME: mobsf-report

- name: Upload MobSF Analysis PDF Result
uses: actions/upload-artifact@v2
with:
name: mobsf-report.pdf
path: mobsf-report.pdf

- name: Upload MobSF Analysis JSON Result
uses: actions/upload-artifact@v2
with:
name: mobsf-report.json
path: mobsf-report.json
```
Alternatively:

```yaml
with:
SCAN_TYPE: ipa
```

Thanks @ajinabraham for the support on troubleshooting this development.

## License

The Dockerfile and associated scripts and documentation in this project are released under the [GPL-3.0](LICENSE).