TrustRadius

Hashcat vs. Mobile Security Framework (MobSF)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Hashcat
Score 10.0 out of 10
N/A
Hashcat is a password recovery tool that can also be used in security testing (e.g. password cracking, exposing flaws).N/A
Mobile Security Framework (MobSF)
Score 8.0 out of 10
N/A
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for integration with CI/CD or DevSecOps pipeline. The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.N/A
Pricing
HashcatMobile Security Framework (MobSF)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
HashcatMobile Security Framework (MobSF)
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
HashcatMobile Security Framework (MobSF)
Best Alternatives
HashcatMobile Security Framework (MobSF)
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies

No answers on this topic

Veracode
Veracode
Score 8.8 out of 10
Enterprises

No answers on this topic

Veracode
Veracode
Score 8.8 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
HashcatMobile Security Framework (MobSF)
Likelihood to Recommend
10.0
(1 ratings)
8.0
(1 ratings)
User Testimonials
HashcatMobile Security Framework (MobSF)
Likelihood to Recommend
Open Source
Any time you want to perform offline password cracking exercises, Hashcat is going to be able to do that for you. I can't think of any scenario where you have a password hash you need to crack where another tool would be more suited to the task. Hashcat, of course, works best when you have a GPU available, but you can even use it on a VM if you use the --force flag.
Verified User
Anonymous
Read full review
Open Source
MobSF is good for checking for vulnerabilities in your app. It will also give suggestions on how to address them. Another thing is can do is find code that may be incorrect. It is not, however, a substitute for a system that actually checks your code for proper use. It really is concentrated on security.
FD
Francis de Castro
Business User Engagement Manager
Read full review
Pros
Open Source
  • GPU accelerated password cracking
  • Rule based attacks
  • Supports all the hash formats
Verified User
Anonymous
Read full review
Open Source
  • Scan for vulnerabilities
  • Scan for bad coding
  • Give suggestions on fixes for security issues
FD
Francis de Castro
Business User Engagement Manager
Read full review
Cons
Open Source
  • When drivers for your GPU aren't working it can be very frustrating to get started
  • Some 3rd party GUI exists for Hashcat, but having an official one could be nice
Verified User
Anonymous
Read full review
Open Source
  • The UI is not that user friendly
  • The documentation could be easier to understand
  • An easier method of deploying MobSF would be appreciated
FD
Francis de Castro
Business User Engagement Manager
Read full review
Alternatives Considered
Open Source
No answers on this topic
Open Source
In my opinion, MobSF is not as comprehensive as SonarQube. Both, however, do a very good job in scanning your code for vulnerabilities. Both do roughly the same things. The reports of SonarQube are more detailed though. The advantage that MobSF has over SonarQube is the price. One is free while the other is a paid solution (with several tiers). However, we use them together to get a more comprehensive scan.
FD
Francis de Castro
Business User Engagement Manager
Read full review
Return on Investment
Open Source
  • Hashcat is a free tool
  • It can be used to test password policies
  • Great tool for penetration testers doing offline password attacks
Verified User
Anonymous
Read full review
Open Source
  • It has allowed our apps to pass a security vetting requirement of a third party to deploy our app
  • We can see where we can improve on the development of our app
  • The deployment can take a while, especially with teams not familiar with the software
FD
Francis de Castro
Business User Engagement Manager
Read full review
ScreenShots