dddddddddddddddddddddddddddddddddddddddd/
ddddddddddddddddddMMMMdddddddddddddddddd/
``````````````````NMMM``````````````````
---------------------NMMM---------------------`
`NNNNNNNNNNNNNNNNNNNNNMMMMNNNNNNNNNNNNNNNNNNNNNo
`MMMmoooooooooooooooooNMMMooooooooooooooooosMMMs
`MMMy NMMM -MMMs
`MMMy /hhhhhhhhhhh` NMMM hhhhhhhhhhhs -MMMs
`MMMy /hhhhhhhhhhh` NMMM hhhhhhhhhhhs -MMMs
`mmms NMMM -mmmo
/ssssssssssss` NMMM sssssssssssss.
sNNNNNNNNNNNN` NMMM NNNNNNNNNNNNN-
oooo
::::::::::::::::::::::::::::::::::::`
`MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM/
////////////////////////////////////.
-yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyo
:MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMd
````````````-NMMMd.```````````-ohNh+.````````````
:NMMMo` `+hMMMNy:`
+NMMm: ````-sNMMMmo.
.yyyyyydMMMMmdddddmmmmmmmmmmmmNNNMMMMMMNh:
`MMMMMMMNNNNNNNmmmmmmddddddhhhhhhyyyyymMMMd/
---............````````````` `+mds:
``
[deroad's blog]
[home]
# 2020-03-02 | fufluns - Mobile App Inspector
{
It's finally time to release fufluns.
It's a simple tool, written in Python (py3), that does static analysis on mobile apps.
You just drag and drop your application (*.ipa or *.apk) and you can have a initial
overview of the security from the static analysis POV.
It's easy to extend it, because each detection is handled by a "plugin" and it's self
contained.
The tool provides the CVSS score related to the issue found and also allows exporting
the result of the static analysis in Markdown and Textile format.
The tool uses only radare2 (and r2pipe), APKiD and Apktool.
As always big thanks to APKiD and Apktool authors for their work. Awesome tools and
great community!
The source code can be found here: https://github.com/wargio/fufluns
}