AUTOMATED MOBILE APP PENTESTING SOLUTION
SM-MSA MOBILE SECURITY ANALYZER

Analysis and discovery of mobile malwares, analysis and discovery of non - identification and anomalies of software through the analysis of suspicious behavior and components. Analysis and identification of dangerous and risk - related permissions.

More Information
AUTOMATED MOBILE APP PENTESTING SOLUTION SM-MSA
Static Analysis (SAST)

In static analysis, application is tested from the inside out. It analyzes the source code or binary without executing the application. It does not rely on the runtime environment. It can be used to test code during development, caching vulnerabilities early on. SM-MSA in SAST, Analysis code vulnerabilities, App Manifest Misconfig and vulnerabilities, App Components vulnerabilities Such as Activity or Providers vulnerability and Binary libs, App Permissions, App Certs and etc. SM-MSA doesn't need any source of your App just upload Youre APK/IPA and get the reports.

Dynamic Analysis (DAST)

The focus of DAST is the testing and evaluation of apps via their real-time execution. The main objective of dynamic analysis is finding security vulnerabilities or weak spots in a program while it is running. Dynamic analysis is conducted both at the mobile platform layer and against the back-end services and APIs, where the mobile app's request and response patterns can be analyzed.SM-MSA Dynamic Analyzer checks for security mechanisms that provide sufficient protection against the most prevalent types of attack, such as disclosure of data in transit, authentication and authorization issues, server / API vulnerabilities, File and Network I/O , Crypto and Run time Components Vulnerabilities Whit DYATTACKER Such As exported Component Exploiting , Intent Sniffing / Spoofing , Providers SQLI / LFI , Receivers Sniffing and spoofing , Hooking ,etc.

falcon overwatch detection highlights
Mobile Malware Analysis

SM-MSA Scan Your Apps Whit More than 60 Antivirus in it’s Cloud  To detect any Malware or Harmful Components. Furthermore, SM-MSA checks if any App Use Malware Evasion Techniques Such As Packer, Dropper, Anti-sandbox techniques, Crypter, Binder and so on. 

Mobile Malware Analysis

SM-MSA Check Apps Hardcoded URL / IP for detecting any phishing, Botnet and C&C Servers.

Malicious / Suspicious Behaviors Analysis

SM-MSA checks Apps For Malicious Behaviors than can’t find whit Malware Analyzer module Such As Record Sound / Video, Read Wifi credentials, Read Sim Card info, Read Contact List, Send SMS,  Make Phone Calls, etc Without user Permission.

API Analysis

Many Apps use API to connect to its Backend server for transfer Data and so on. SM-MSA Can Analysis API for Detecting Vulnerabilities Such As cryptography, ServerSide Auth and others based on OWASP Top 10 - 2017.

Code structure Checker

SM-MSA finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. You can check your app flaw in more than 23 categories.

OWASP, PCI-DSS & Other Compliance Report

Get complied with industry standards / best practices like OWASP,MASVS,MSTG, PCI-DSS, SOX, HIPPA, NIST.

SM-MSA Mobile Security Analyzer

  • Static Analysis
  • Dynamic Analysis
  • Mobile Malware Analysis
  • API Analysis

Contact Us