Mobile App Security Test for CI/CD
Description
Mobile App Security Test can be seamlessly integrated into your CI/CD pipeline to automatically test your new or updated mobile applications prior to their deployment to production. You can use a Docker image or a Python script as described below.
Installing Python Script
Create virtual environment and install dependencies. Python >= 3.7 required.
git clone "https://github.com/immuniweb/iwtools.git" && cd iwtools/iwtools
python3 -m venv env
source ./env/bin/activate
pip install -r requirements.txt
python3 -m venv env
source ./env/bin/activate
pip install -r requirements.txt
Using Python Script or Docker Container
Audit your iOS or Android apps for OWASP Mobile Top 10 and other vulnerabilities:
Test application from market:
./iwtools.py mobile https://play.google.com/store/apps/details?id=com.example
Test hosted application:
./iwtools.py mobile https://example.com/app.apk
Upload and test application:
./iwtools.py mobile "/home/user/app.apk"
Get raw API response in JSON format:
./iwtools.py mobile --format raw_json "/home/user/app.apk"
Test application from market using Docker:
docker run immuniweb/iwtools mobile "https://play.google.com/store/apps/details?id=com.example"
Check other command line options here.