ContactPeople App™

Mobile App Security Test by ImmuniWeb

Please enable JavaScript in your browser in order to use this page

0 tests running

  tests today

Provided “as is” without any warranty of any kind

  tests running   tests in
24 hours

How-To Test

Below are simple instructions on how to use Mobile App Security Test for your Android and IOS applications.

Android Applications

All you need is a valid APK archive for the application. APK’s can either be compiled from the application source code, or, if already in Google Play market, downloaded via F-Droid or androidappsapk.co.

Please follow the steps below to test Android APK:

iOS Applications

All you need is a valid IPA archive for the application compiled as a Simulator App (see below).

Please follow the steps below to test iOS IPA:

How to compile your iOS app as a Simulator App:

1. Run XCode and open your project;
2. Right-click your Project Name and select “Show in Finder.”;
3. Right-click YourProject.xcodeproj and navigate to “Open With > Terminal”;
4. Run “cd ..” – your current working directory is now your project’s main directory;
5. Determine which iPhone Simulator you can build to by running “xcodebuild -showsdks”;
6. Build your app with the following command “xcodebuild -arch i386 -sdk iphonesimulator{version}”;
7. Go to build/Release-iphonesimulator and zip file YourProject.app;

ImmuniWeb Community Edition – Mobile App Security Test

The Mobile App Security Test is a free online tool to perform security and privacy tests of Android and iOS mobile apps:

Contact People App Image Ad

The service can test mobile applications for the following platforms:

It promptly detects the wide spectrum of most common weaknesses and vulnerabilities, including OWASP Mobile Top 10 , and provides a user-friendly report with the discovered issues.

We provide the following automated tests of the mobile application:

Please note, that the most dangerous vulnerabilities usually reside in the mobile back end (i.e. Web Services and APIs) and not in the application. Therefore, to complement your mobile security testing we strongly encourage you to thoroughly test the backend via ImmuniWeb® MobileSuite .

SAST

Mobile App Security Test performs Static Application Security Testing (SAST) to detect the following weaknesses and vulnerabilities:

DAST

Mobile App Security Test performs Dynamic Application Security Testing (DAST) to detect the following weaknesses and vulnerabilities:

Behavioral

Mobile App Security Test performs behavioral testing to detect when mobile application tries to access some sensitive or privacy-related functions:

Software Composition Analysis

The mobile application uses third-party libraries that may represent a security and privacy risk if they come from untrusted source or are outdated. Trusted and commonly accepted libraries (e.g. Google SDK, Facebook SDK, Signal SDK) are not displayed.

Mobile App External Communications

Specific SAST test reveals all remote hosts present in the source code of the mobile application where the application may connect to send or receive data at occurrence of a specific event (e.g. user action).

Mobile Application Outgoing Traffic

Specific DAST test provides a comprehensive list of all HTTP/S requests sent by the mobile application without interaction with user.

Free API

ImmuniWeb Community Edition provides a free API for the Mobile App Security Test. It shares the number of tests performed via web interface:

Account type Tests per day Monthly subscription
No Account 2 Free
Free Account 4 Free

Premium API

ImmuniWeb Community Edition also provide a premium API for a higher number of tests via API or web interface:

Public schools, local governments and non-for-profit organizations may request a free access to the premium API.

API Documentation

Full API Documentation

API Specifications

Field Name Value
Protocol HTTP/HTTPS
Request Type GET/POST
URL https://www.immuniweb.com/mobile/api/

Example of Transaction Using CURL

curl -d “app_id=com.viber.voip&store_id=googleplay” “https://www.immuniweb.com/mobile/api/download_apk”

curl -F “malware_check=0 -F hide_in_statistics=0 -F file=@diva-beta.apk” “https://www.immuniweb.com/mobile/api/upload”

curl “curl https://www.immuniweb.com/mobile/api/test_info/id/TEST_ID”

curl “curl https://www.immuniweb.com/mobile/api/delete/id/TEST_ID”

curl “curl https://www.immuniweb.com/mobile/api/refresh/id/TEST_ID”

Example of Server Response

Mobile App Security Vulnerabilities and Weaknesses

Application Name Application ID Test Date/Time Security Flaws

Mobile App Malware Found by VirusTotal

Application Name Application ID Malware

OWASP Top 10 Mobile Vulnerabilities Statistics

Mobile App Security Research

Frequently Asked Questions

Try Other ImmuniWeb® Free Products

Mobile App Security Test is in progress tests running test speed: May take up to twenty minutes, but usually is quicker.
Please do not close this window. Summary of Mobile Application Security Test Test Summary ]]>

Source

Contact People App Splash Screen
css.php