Skip to main content
TrustRadius
Mobile Security Framework (MobSF)

Mobile Security Framework (MobSF)

Overview

What is Mobile Security Framework (MobSF)?

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and…

Read more
Recent Reviews
Read all reviews
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Mobile Security Framework (MobSF)?

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

32 people also want pricing

Alternatives Pricing

What is SonarQube?

SonarQube is a code quality and vulnerability solution for development teams that integrates with CI/CD pipelines to ensure the software you produce is secure, reliable, and maintainable.

Return to navigation

Product Demos

MobSF: Analizar malware en apps de Android/iOS DEMO

YouTube

DEF CON Safe Mode Demo Labs - Ajin Abraham - Mobile App Security Testing with MobSF

YouTube
Return to navigation

Product Details

Mobile Security Framework (MobSF) Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(1)

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We have a staff app that we use to scan and redeem electronic vouchers that our members earn through casino gameplay. This scanning is deployed through payment devices that are managed by a third party. They require that our app pass through a stringent security check. MobSF is one of the few accepted penetration testing software.
  • Scan for vulnerabilities
  • Scan for bad coding
  • Give suggestions on fixes for security issues
  • The UI is not that user friendly
  • The documentation could be easier to understand
  • An easier method of deploying MobSF would be appreciated
MobSF is good for checking for vulnerabilities in your app. It will also give suggestions on how to address them. Another thing is can do is find code that may be incorrect. It is not, however, a substitute for a system that actually checks your code for proper use. It really is concentrated on security.
  • Security scan of the app code
  • Suggestions on the fixes in the vulnerabilities in the code
  • The detailed downloadable report that it generates after the scan
  • It has allowed our apps to pass a security vetting requirement of a third party to deploy our app
  • We can see where we can improve on the development of our app
  • The deployment can take a while, especially with teams not familiar with the software
In my opinion, MobSF is not as comprehensive as SonarQube. Both, however, do a very good job in scanning your code for vulnerabilities. Both do roughly the same things. The reports of SonarQube are more detailed though. The advantage that MobSF has over SonarQube is the price. One is free while the other is a paid solution (with several tiers). However, we use them together to get a more comprehensive scan.
No
  • Price
  • Other
MobSF is one of the most accessible Dynamic Application Security Testing tools in terms of price. It's actually free. There's really no excuse not to use it if you need to test your application for security flaws. It is also a great "second opinion" if you use another platform. You can easily compare the results. In our case, this was a requirement for us to submit our app to the platform of our vendor.
If I had to do the evaluation again, I would probably take into account newer features in other Dynamic Application Security Testing tools. I would also do more research into what other companies are using as well. Price is definitely a factor and it's hard to pass this tool up since it is free. This can always be used in conjunction with another.
Return to navigation