Hackers of India

Mafia: Mobile Security Automation Framework for Intelligent Auditing

By Ankur Bhargava , Mohan Kallepalli on 05 Dec 2018 @ Blackhat : Arsenal
πŸ’» Source Code πŸ”— Link
#audit #security-testing #secure-development #automated-assessment #mobile-application-management #application-pentesting #static-analysis
Focus Areas: βš–οΈ Governance, Risk & Compliance , πŸ” Application Security , βš™οΈ DevSecOps , 🦠 Malware Analysis , πŸ“± Mobile Security , πŸ” Vulnerability Management
This tool demo covers following tools where the speaker has contributed or authored
MAFIA

Abstract

Mobile applications are critical when it comes to vulnerabilities in a production environment. The only option to remove a product issue is to force update the app, which isn’t a good user experience, especially when the app download size is high. With this project, we aim to automate the manual security testing and leverage developers with a tool which helps them identify bugs well in advance. The goal of MAFIA is to perform end-to-end security testing for a given mobile app and create a self-serve tool for developers and security engineers.