Automated Mobile Application Security Assessment with MobSF

This course introduces Mobile Security Framework (MobSF) which automates your Mobile Application Security Assessments.
3.7 (40 ratings)
Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
382 students enrolled
67% off
Take This Course
  • Lectures 22
  • Length 1 hour
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works


Find online courses made by experts from around the world.


Take your courses with you and learn anywhere, anytime.


Learn and practice real-world skills and achieve your goals.

About This Course

Published 10/2015 English

Course Description

Mobile Application market is growing like anything and so is the Mobile Security industry. With lots of frequent application releases and updates happening, conducting the complete security analysis of mobile applications becomes time consuming and cumbersome mainly because of the overheads in setting up and maintaining a mobile application testing environment. This course will introduce an extendable, and scalable web framework called Mobile Security Framework (MobSF) for Automated Security analysis of Mobile Applications. Mobile Security Framework is an intelligent and automated open source mobile application (Android/iOS) pentesting and binary/code analysis framework capable of performing static and dynamic analysis. It supports Android and iOS binaries as well as zipped source code. This course will teach the attendee on how to configure and run MobSF. In addition to that, the instructor will discuss various real world use cases with MobSF like Android Malware analysis and uncovering vulnerabilities in few Android applications that are present in Google playstore.

Features of this course

  • Getting Familiar with an Open Source framework for Automated Mobile Security Assessment.
  • Learn about One Click Report Generation and Security Assessment.
  • Learn how to deploy MobSF at your own environment so that you have complete control of the data. The data/report stays within the organisation and nothing is stored in the cloud.
  • Perform Automated Security Assessment for both Android and iOS Applications.
  • Learn about the semi Automatic Dynamic Analyzer for intelligent application logic based (whitebox) security assessments.

What are the requirements?

  • Basic Usage of Linux/Windows/Mac
  • Comfortable with Terminal Like Interface

What am I going to get from this course?

  • Learn how to perform Automated Security Assessment of Mobile Applications.
  • Learn how to configure and run Mobile Security Framework
  • Perform Automated Static and Dynamic Analysis of Mobile Applications with MobSF

Who is the target audience?

  • This course is for Application Security Professionals interested in Mobile Application Security
  • If you are trying to automate the cumbersome process of Mobile Application Security Assessment; Don't hesitate, this is for you.
  • If you want to learn Mobile Application Security, this course is probably not for you.

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.


Section 1: Introduction to Mobile Security Framework - MobSF
Getting Mobile Security Framework
What makes Mobile Security Framework Unique
Basic Requirements to Run MobSF
Section 2: Performing Static Analysis with MobSF
Overview: Static Analysis
Configuring MobSF for Static Analysis
Static Analysis in Android Binaries and Source Code
Performing Static Analysis on Android Binaries
Performing Static Analysis on Android Source Code
Static Analysis in iOS Binaries and Source Code
Performing Static Analysis on iOS Binaries
Performing Static Analysis on iOS Source Code
Section 3: Performing Dynamic Analysis with MobSF
Overview: Dynamic Analyzer
Dynamic Analysis in Android Binaries
Configuring MobSF for Dynamic Analysis of Android Binaries
Performing Dynamic Analysis of Android Binaries with MobSF
Section 4: Case Studies
Android Malware Analysis
AppLock MITM Password Reset Vulnerability
Exploiting AppLock Vulnerability
Bypassing Pin in Whisper Android Application
Exploiting Whisper App Vulnerability
Section 5: Slides
Course Slides
23 pages

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Ajin Abraham, Security Researcher

Ajin Abraham is an Application Security Engineer by profession having 5+ years of experience in Application Security including 2 years of Security Research. He is passionate on developing new and unique security tools than depending on pre existing tools that never work. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, MalBoxie, Firefox Add-on Exploit Suite, Static DOM XSS Scanner, NodeJsScan etc to name a few.

He has been invited to speak at multiple security conferences including ClubHack, NULLCON, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In the Box and c0c0n.

Ready to start learning?
Take This Course