7 services for finding a vulnerability of mobile applications
- Jun 02
According to the latest research of Nowsecure, more than 25% of mobile applications have at least one critical vulnerability.
In 59% of financial applications for Android there are three vulnerabilities from the OWASP TOP-10 list.
The more mobile phones are used, the more mobile applications appear. More than 2 million applications are available in the Apple App Store Apple Apple, and more than 2.2 million in Google Play Store.
There are many types of vulnerability, the most critical of them include:
If you are the owner or developer of the application, you must do everything to ensure the safety of your mobile application. There are many tools for finding sites vulnerability, and information below will help you find the weaknesses of the safety system of a mobile application.
Tools for finding vulnerability of Android or iOS applications.
1. OSTORLAB
OSTORLAB will allow you to check the application on Android or iOS and get a detailed report on the results of the check. Download the file of your application in APK or IPA format and a few minutes later the security report will be ready.
The maximum file size for loading for checking 60 MB. Nevertheless, if the size of your application exceeds 60MB, then you can contact OSTORLAB specialists to place the file through the API request.
The basis of open source programs as Androguard and Radare2 are based on. I advise you to check your mobile application for free using OSTORLAB.
2. Appvigil
Find all the gaps in the security system of your mobile application using Appvigil and get a detailed vulnerability report in a matter of minutes.
With Appvigil you will receive not only a description of possible threats, but also recommendations for eliminating vulnerability to quickly solve the problem. No programs need to be installed, since everything is processed in the Appvigil cloud.
After you download APK or IPA files, a static and dynamic application (Android/iOS) is made, including the presence of vulnerability from the OWASP TOP-10 list.
3. Quixxi
Quixxi is designed to obtain mobile analytics, protect mobile applications and restore potential income. If you just need to check the application for the presence of vulnerability, then download the Android or iOS application file here.
It will take several minutes to check. After the check is completed, you will have a brief vulnerability report. If you need a full report, then you need to register on the site. It's free.
4. Andrototal
As you can guess by name, Andrototal is suitable only for working with Android applications. Andrototal checks the APK file for the presence of viruses and malicious code, checking the results of the following antivirus programs:
If you need to quickly check the APK files for the presence of viruses, then Andrototal is a good solution.
Akana is an interactive tool for analysis of Android applications. Akana checks the application for the presence of malicious code and displays information about the results.
The check is free, so try and see if there is a malicious code in your Android.
NVISO APKSCAN is another convenient network tool for checking the application for harmful code. The results may not be ready immediately, it depends on your place in line. You can leave your email and receive a notification when the report is ready.
I checked the layout of my application using NVISO and saw that the following was checked:
7. Sanddroid
Sanddroid conducts static and dynamic analysis and forms a full report. You can upload an APK or ZIP file with a size of not more than 50 MB.
Sanddroid has been developed by the Botnet research group and Sian Transport University. The following is checked:
Request the report and evaluate the security of your application.
I hope that tools for checking vulnerability will help you check the safety of the mobile application and eliminate the problems found.
If you have your own site, then you may be interested in the possibility of automatically checking the site for vulnerabilities!
#Security and World #Security #Internet