This Go project provides a core setup flow for performing static scanning of Android and iOS app packages using MobSF (Mobile Security Framework). It is designed to simplify the process of scanning mobile applications for security vulnerabilities.
- Go installed on your machine
- Kubernetes cluster set up
kubectlconfigured to interact with your cluster- MobSF installed and configured
Follow these steps to set up and run the MobSF static scanning:
cd mobsf
Replace your 64-character alpha numeric API key with both lower and upper case in the appropriate YAML configuration file:
- For development:
build/mobsf-dev.yaml - For production:
build/mobsf-prod.yaml
If you need to change the namespace, do so in the YAML configuration files as needed.
Run the following command based on the environment type (dev or prod):
kubectl apply -f build/mobsf-dev.yaml
Note: For this project, we will be using the dev setup in the mobsf namespace.
After deploying, pick the NodePort from the deployed service to access the MobSF server.
Replace the MobSF server URL and the app path in the code with the correct details that correspond to your setup.
Run the following command to tidy up your Go module dependencies:
go mod tidy
Finally, execute the main Go program:
go run main.go
Happy scanning! 🚀