Mobile Application SAST (Automated Static Application Security Testing) is an automated, all-in-one mobile application (Android/iOS/) White box Security testing, malware analysis and security assessment framework capable of performing static analysis.
It looks at the source code to check for coding and design flaws that could allow for malicious code injection. Some examples of these malicious attacks, according to OWASP, include SQL Injections, Command Injections, and Server-Side Injections, among others.
In static analysis application is tested from the inside out. It analyzes the source code or binary without executing the application. It does not rely on runtime environment. It can be used to test code during development, caching vulnerabilities early on. Static analysis security testing tools must be run on the application on a regular basis, such as during daily/monthly builds, every time code is checked in, or a code release.
Determine if an application has come from its original source.
Find vulnerability inside one of the components in the AndroidManifest.xml file.
Identifies potential vulnerabilities, determines their severity & type of vulnerability was found in the files.
Determines its status concerning & the description of permissions.
This is analysis of binary code to identify security issues.
You can view android API used in app like java reflection, location, storage and similar stuffs.
CommunityFree Trial (7 Days)
|Credits||1 Credit(s)||2 Credits/Month||10 Credits/Month||Unlimited|
|Source Code Review|
|CVSS Score Calculator|
|Sensitive Information Leak Analysis||x|
|Android API Visibility||x|
|Malware Analysis (ML Based)||x|
|Role Based Access Controls||x||x|
|API Vulnerability Assessment||x||x||x|
|Dynamic App Security Testing||x||x||x|
Note: Yes x No Email Only
The One Tower, Floor 24,
Office #12, Sheikh Zayed Road, Dubai, UAE
Inquiries : firstname.lastname@example.org