Mobsf

- Features or Enhancements
- Added Support for Android Network Security Config Analysis
- Replace SAST core with libsast
- Support for line numbers in source code
- Replaced Code Viewer with EnlighterJS
- Kotlin source scan support
- Improved Certificate Analysis
- Genymotion Cloud Support
- Support Android Emulator AVD x86, ARM, ARM64
- Verify Dynamic Analysis APK Installation
- Dynamic Analysis: Support APK with test package requirements
- Automatic MobSFy on Frida binary update
- Expose App result compare REST API and Update REST API Docs
- Clean up MobSF proxy on exit
- IPA Binary Regex QA
- Optimize Root Checking Frida Script
- Environment Checks to see if API Level is supported and /system is writable
- Prebuilt dex enabled yara-python and improved setup, tox, tests
- Added Chinese documentation
- Reduce Docker image size
- Improved Postgresql Docker Support
- Android Dynamic Analysis QA
- Update Dependencies

- Bug Fixes
- Android Rule Fixes
- Fixed API Monitor which was broken from Frida 12.8.19
- Fixed iOS ATS bug
- Fix Black PDF background issue
- LGTM Scan Code QA

- Security
- Fixed Regex DoS in Email Extraction
- Fixed insecure Default Bind to 0.0.0.0

- Features or Enhancements
- iOS Swift Source Code Support
- Improved iOS Swift and Objective C rules
- OWASP MASVS/MSTG Standard Support
- Brand New PDF Reports
- Improved SAST Core
- Improved iOS Application Transport Security Checks
- Improved iOS Permission Checks
- Added IP to Geolocation Feature for Domain Malware Check
- URL and IP extraction from IPA
- App Risk Calculation from App Security Score
- Improve Recent Scan View
- Add Jtool2 support
- Code QA
- New Docs Site

- Bug Fixes
- Classdump bug fixes
- Geolocation bug fixes

- Features or Enhancements
- Simplified REST API
- Improved Android App Name detection
- Dynamic Analysis proper Root CA naming
- Changes to Support Android x86 Docker
- Dependency updates
- Code QA

- Bug Fixes
- Handle Invalid ATS domain entries iOS
- Fixes a Template Bug

- Features or Enhancements
- OWASP Mobile Top 10 2016 is supported
- Major UI Update for MobSF
- Major Schema changes to rest API
- iOS URLs Scheme
- iOS ATS Analysis improved
- New iOS Static Analysis Rules
- New iOS Static Analysis Rules
- New Android Manifest Analysis Rules
- Updated dependencies
- Optimized Windows Setup
- Updated Scoring mechanisms
- Improved Tracker detection
- Remove Global Proxy after dynamic analysis
- Android Permission database update
- Added Play with Docker support
- AppMonsta support
- Code QA

- Bug Fixes
- Fix Security issue 1197 (Directory Traversal)
- iOS Static Analyzer fixes
- Typo Fix
- Moved to oscrypto and distro
- Windows binscope bug fix
- Reduce False positives

- Features or Enhancements
- Dynamic Analysis Support for Genymotion Android VMs 4.1 -9.0 x86
- Improved Recent Scan
- Replaced CapFuzz with HTTPtools
- Automatic MobSFy with Xposed and Frida
- Streaming logcat
- Live API Monitor
- Better SQlite DB View
- Inbuilt Frida scripts for basic tasks
- Custom Frida Script support
- Frida Log Viewer
- UI Changes
- Browser PDF print support
- Updated Tools
- Baksmali performance improvements
- Improved malware domain check
- Multi OS Travis Support
- Code QA

- Bug Fixes
- Typo Fix
- Reduce False positives

- Features or Enhancements
- 70x performance improvements for large APKs
- CVSS, CWE tagging with results
- Trackers Detection
- App Store/ Playstore Details of supported packages
- Added Security Score, Average CVSS Score, VirusTotal & Tracker Detection
- Coloured logging
- Better Logging and Exception Handling
- Travis CI/CD integration
- Optimized & Updated Dockerfile
- Super fast java decompiling with JADX
- Large scale Code QA
- Enforced mandatory code linting
- Integrated automated travis tests in Linux and OSX
- Moved to proper production servers Gunicorn & Waitress
- Improved icon detection
- Android APK app real name
- Moved from Oracle JDK to OpenJDK
- Reduce False Positives
- Enforced Least privilege mode
- Improved Setup scripts
- Moved to androguard based certificate printing
- File less local db updates for better cross platform support
- Static Analyzer rule updates and accuracy improvement
- REST API - Recent Scans
- classdump support for iOS swift binaries
- Updated dependencies
- SonarCloud Integration

- Bug Fixes
- Fixed bug in Appx Analysis
- Dynamic Analysis Bug Fix
- Fix plist bug in iOS SCA
- Performance Improvements