Setting up Mobile Static Code Analysis platform using Docker and MobSF

Introduction

With the advent of smartphones since 2010, Android has substantially increased as choice of Operating System to be used in smartphones after iOS. So much so, that statistics show that Android has a market coverage of 86.6% worldwide. Android has been built on top of Linux kernel, and the main contributor, as well as commercial marketer is Google. Just like Windows supports .exe applications for its executables, Android applications are of the format .apk

Prerequisites

For this blog, I picked the following environments:

Docker Installation

To install Docker, one must perform the following steps in terminal:

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add –
echo ‘deb [arch=amd64] https://download.docker.com/linux/debian buster stable’ | sudo tee /etc/apt/sources.list.d/docker.list
apt-get update
apt install docker-ce
docker pull opensecurity/mobile-security-framework-mobsf
docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf

A security professional. I break things. I fix things. OSCP. OSWE. Spreading the knowledge :)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store