Hackers of India

Mafia: Mobile Security Automation Framework for Intelligent Auditing

By Ankur Bhargava , Sagar Popat , Mohan Kallepalli on 09 Aug 2018 @ Blackhat : Arsenal
πŸ’» Source Code πŸ”— Link
#audit #security-testing #automated-scanning #application-pentesting #secure-development #static-analysis #dynamic-analysis
Focus Areas: βš–οΈ Governance, Risk & Compliance , πŸ” Application Security , βš™οΈ DevSecOps , 🦠 Malware Analysis , πŸ” Vulnerability Management
This Tool Demo covers following tools where the speaker has contributed or authored
MAFIA

Abstract

Mobile applications are critical when it comes to vulnerabilities in production environment. The only option to remove a product issue is to force update the app, which isn’t a good user experience, especially when the app download size is high. With this project, we aim to automate the manual security testing and leverage developers with a tool which helps them identify bugs well in advance. The goal of MAFIA is to perform end to end security testing for a given mobile app and create a self serve tool for developers and security engineers.