{% extends "base/base_layout.html" %} {% load static %} {% block sidebar_option %} sidebar-mini {% endblock %} {% block extra_css %} {% endblock %} {% block sidebar %} {% endblock %} {% block content %}

APP 分数

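{# Scorecard header: optional hidden-icon notice, average CVSS, security score and tracker count. #}
{% if icon_hidden %} 隐藏 Icon! {% endif %}

{# The average CVSS line is printed only when average_cvss is truthy. #}
{% if average_cvss %} 平均 CVSS {{ average_cvss }}
{% endif %} 安全分 {{ appsec.security_score }}/100
{# Both branches print the same detected/total tracker counts, so they carry the same label. #}
{% if trackers.detected_trackers > 0 %} 跟踪器检测 {{ trackers.detected_trackers }}/{{ trackers.total_trackers }}
{% else %} 跟踪器检测 {{ trackers.detected_trackers }}/{{ trackers.total_trackers }}
{% endif %}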

MobSF 评分卡

文件信息

{# Identity of the analysed file: name, size and its MD5, SHA1 and SHA256 digests from the template context. #}
File Name {{ file_name }}
Size {{ size }}
MD5 {{ md5 }}
SHA1 {{ sha1 }}
SHA256 {{ sha256 }}

APP 信息

{# App metadata from the template context; presumably parsed from the app's manifest, so it is app-supplied data. #}
App Name {{ app_name }}
Package Name {{ package_name }}
Main Activity {{ main_activity }}
Target SDK {{ target_sdk }} Min SDK {{ min_sdk }} Max SDK {{ max_sdk }}
Android Version Name {{ version_name }} Android Version Code {{ version_code }}
{# Play Store section: rendered only when playstore_details carries no truthy error value. #}
{# None of these fields uses the safe filter, so they go through whatever autoescaping the engine applies. #}
{% if not playstore_details.error %}

Google Play商店信息

Title {{ playstore_details.title }}
{# NOTE(review): the "Play Store URL" cell prints package_name, not a URL field; presumably the link markup was lost. Confirm. #}
Score {{ playstore_details.score}} Installs {{ playstore_details.installs }} Price {{ playstore_details.price }} Android Version Support {{ playstore_details.androidVersionText }} Category {{ playstore_details.genre }} Play Store URL {{ package_name }}
Developer Details {{playstore_details.developer}}, {{playstore_details.developerId}}, {{playstore_details.developerAddress}}, {{playstore_details.developerWebsite}}, {{playstore_details.developerEmail}},
Release Date {{ playstore_details.released }} Privacy Policy Privacy link
Description
{{ playstore_details.description }}
{% endif %}

{# Component totals: the length of each component list in the context. #}
{{ activities | length }}

ACTIVITIES组件

View

{{ services | length }}

SERVICES组件

查看

{{ receivers | length }}

RECEIVERS组件

查看

{{ providers | length }}

PROVIDERS组件

查看
{# Exported counts arrive precomputed in exported_count. #}
{# Exported components are the ones other apps may be able to reach; check each against the manifest findings. #}
已导出
Activities组件
{{ exported_count.exported_activities }}
已导出
Services组件
{{ exported_count.exported_services }}
已导出
Receivers组件
{{ exported_count.exported_receivers}}
已导出
Providers组件
{{ exported_count.exported_providers }}
申请权限 应用程序权限

{# Permission table: iterates permissions as name/detail pairs and prints status, info and description. #}
{% for perm,desc in permissions.items %} {% endfor %}
权限 状态 信息 说明
{# Status label mapping; a status outside these five values prints no label at all. #}
{{ perm }} {% if desc.status == 'dangerous' %} 危险 {% elif desc.status == 'normal' %} 正常 {% elif desc.status == 'signatureOrSystem' %} 签名系统 {% elif desc.status == 'signature' %} 签名 {% elif desc.status == 'unknown' %} 未知 {% endif %} {{ desc.info }} {{ desc.description }}

安卓 API

{# Android API usage: for each rule, its description and the file paths where it matched. #}
{% for rule, details in android_api.items %} {% endfor %}
API 文件
{# Only file_path is printed; the lines value of each pair is not used here. #}
{{ details.metadata.description }} {% for file_path, lines in details.files.items %} {{ file_path }}
{% endfor %}

可查看的Activities

{# Browsable activities: one entry per activity, followed by the intent-filter attributes present for it. #}
{# Each attribute group is printed only when its key holds a truthy value. #}
{# These schemes, hosts and paths describe how the activity can be launched from a link, so they belong to the app's externally reachable surface; review each handler's input validation. #}
{% for activity,intent_details in browsable_activities.items %}
ACTIVITY INTENT
{{activity}} {% if intent_details|key:"schemes" %} Schemes: {% for scheme in intent_details|key:"schemes" %} {{scheme}}, {% endfor %}
{% endif %} {% if intent_details|key:"hosts" %} Hosts: {% for host in intent_details|key:"hosts" %} {{host}}, {% endfor %}
{% endif %} {% if intent_details|key:"ports" %} Ports: {% for port in intent_details|key:"ports" %} {{port}}, {% endfor %}
{% endif %} {% if intent_details|key:"mime_types" %} Mime Types: {% for mime in intent_details|key:"mime_types" %} {{mime}}, {% endfor %}
{% endif %} {% if intent_details|key:"paths" %} Paths: {% for path in intent_details|key:"paths" %} {{path}}, {% endfor %}
{# "path_prefixs" is the lookup key as spelled in the data; changing it here alone would make the lookup miss. #}
{% endif %} {% if intent_details|key:"path_prefixs" %} Path Prefixes: {% for prefix in intent_details|key:"path_prefixs" %} {{prefix}}, {% endfor %}
{% endif %} {% if intent_details|key:"path_patterns" %} Path Patterns: {% for pattern in intent_details|key:"path_patterns" %} {{pattern}}, {% endfor %}
{% endif %} {% endfor %}

网络安全

{# Network security summary: shown only when network_security has a non-empty network_summary. #}
{% if network_security and 'network_summary' in network_security and network_security.network_summary|length > 0%}
危险
{{ network_security.network_summary.high }}
警告
{{ network_security.network_summary.warning }}
信息
{{ network_security.network_summary.info }}
安全
{{ network_security.network_summary.secure }}
{# Findings table: iterated only when the network_findings key is present. #}
{% endif %} {% if network_security and 'network_findings' in network_security %} {% for item in network_security.network_findings %} {% endfor %} {% endif %}
编号 范围 严重程度 说明
{# item.scope is a list; each entry is printed on its own line. #}
{{ forloop.counter }} {% for url in item.scope %} {{ url }}
{% endfor %}
{# Severity label mapping for high, secure, info and warning; any other value prints no label. #}
{% if item.severity == "high" %} 危险 {% elif item.severity == "secure" %} 安全 {% elif item.severity == "info" %} 普通 {% elif item.severity == "warning" %} 警告 {% endif %} {{item.description }}

清单分析

{# Manifest analysis summary: shown only when manifest_analysis has a non-empty manifest_summary. #}
{% if manifest_analysis and 'manifest_summary' in manifest_analysis and manifest_analysis.manifest_summary|length > 0%}
危险
{{ manifest_analysis.manifest_summary.high }}
警告
{{ manifest_analysis.manifest_summary.warning }}
普通
{{ manifest_analysis.manifest_summary.info }}
抑制规则
{{ manifest_analysis.manifest_summary.suppressed }}
{# Findings table: iterated only when the manifest_findings key is present. #}
{% endif %} {% if manifest_analysis and 'manifest_findings' in manifest_analysis %} {% for item in manifest_analysis.manifest_findings %} {% endfor %} {% endif %}
编号 问题 严重程度 说明 选项
{# NOTE(review): the title is rendered with the safe filter, which turns off HTML escaping for that value; the description on the same row is not. #}
{# If a title can embed names taken from the analysed app's manifest, they must be escaped where the title is built. Confirm in the analyzer. #}
{# Severity mapping covers high, info and warning; any other value prints no label. #}
{{ forloop.counter }} {{item|key:"title" | safe}} {% if item|key:"severity" == "high" %} 危险 {% elif item|key:"severity" == "info" %} 普通 {% elif item|key:"severity" == "warning" %} 警告 {% endif %} {{item|key:"description"}}

代码分析

{# Code analysis summary: shown only when code_analysis has a non-empty summary. #}
{% if code_analysis and 'summary' in code_analysis and code_analysis.summary|length > 0 %}
危险
{{ code_analysis.summary.high }}
警告
{{ code_analysis.summary.warning }}
普通
{{ code_analysis.summary.info }}
安全
{{ code_analysis.summary.secure }}
抑制规则
{{ code_analysis.summary.suppressed }}
{# Findings table: iterated only when the findings key is present; each entry is a rule with its details. #}
{% endif %} {% if code_analysis and 'findings' in code_analysis %} {% for rule, details in code_analysis.findings.items %} {% endfor %} {% endif %}
编号 问题 严重程度 标准 文件夹 选择
{# Both branches of the "ref" check print the same description here; presumably only the surrounding link markup differed. #}
{# Per-finding severity uses "good" for the secure label, while the summary above uses the key "secure". #}
{# CVSS is printed only when average_cvss is truthy. Bands as evaluated: above 6 high, exactly 0 info, 4 to 6 medium, below 4 low. #}
{# NOTE(review): NVD's CVSS v2 ranges put 4.0-6.9 at medium, so a score of 6.1-6.9 is labelled high here. Confirm this is intended. #}
{{ forloop.counter }} {% if details.metadata|key:"ref" %} {{ details.metadata.description }} {% else %} {{ details.metadata.description }} {% endif %} {% if details.metadata.severity == "high" %} 危险 {% elif details.metadata.severity == "good" %} 安全 {% elif details.metadata.severity == "warning" %} 警告 {% elif details.metadata.severity == "info" %} 普通 {% endif %} {% if average_cvss %} CVSS V2: {{ details.metadata.cvss }} {% if details.metadata.cvss > 6 %} (high) {% elif details.metadata.cvss == 0 %} (info) {% elif details.metadata.cvss >= 4 %} (medium) {% elif details.metadata.cvss < 4 %} (low) {% endif %}
{# Standards references (CWE, OWASP mobile category, MASVS) are each printed only when present in the metadata. #}
{% endif %} {% if details.metadata.cwe %} CWE: {{ details.metadata.cwe }}{% endif %} {% if details.metadata|key:"owasp-mobile" %}
OWASP Top 10: {{ details.metadata|key:"owasp-mobile" }}{% endif %} {% if details.metadata.masvs %}
OWASP MASVS: {{ details.metadata.masvs }}{% endif %}
{# Only file_path is printed; the lines value of each pair is not used here. #}
{% for file_path, lines in details.files.items %} {{ file_path }}
{% endfor %}

NIAP分析体系 v1.3

{# NIAP table: one row per identifier with its class, description and choice fields. #}
{% for iden, details in niap_analysis.items %} {% endfor %}
编号 标识符 要求 特征 说明
{{ forloop.counter }} {{ iden }} {{ details.class }} {{ details.description }} {{ details.choice }}

文件分析

{# File analysis table: each item has a "finding" text and a "files" list, read through the key filter. #}
{% for item in file_analysis %} {% endfor %}
编号 问题 文件夹
{# The loop variable name suggests certificate or key files; the template itself prints whatever the list holds. #}
{{ forloop.counter }} {{ item|key:"finding" }} {% for cert_f in item|key:"files" %} {{ cert_f }}
{% endfor %}

服务器位置

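{# Server location section: rendered only when domains is non-empty. #}
{% if domains %}


{# OFAC is a sanctions authority, so the notice must say "sanctioned" (受…制裁), not "approved". #}
此应用程序可能与以下受OFAC制裁的国家/地区进行通信。

{# Only entries whose "ofac" flag equals True are meant to produce a row. #}
{% for domain, details in domains.items %} {% if details|key:"ofac" == True %} {% endif %} {% endfor %}
域名 国家/区域
{# Location fields are read from the nested "geolocation" mapping of each domain entry. #}
{{domain}} IP: {{details|key:"geolocation"|key:"ip"}}
Country: {{details|key:"geolocation"|key:"country_long"}}
Region: {{details|key:"geolocation"|key:"region"}}
City: {{details|key:"geolocation"|key:"city"}}
{% endif %}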

恶意域名检查

{# Domain reputation table: rendered only when domains is non-empty. #}
{% if domains %} {% for domain, details in domains.items %} {% endfor %}
域名 状态 地理定位
{# A domain is reported as malware only when its "bad" value is the string "yes"; every other value prints "ok". #}
{# NOTE(review): "ok" presumably means no match in the reputation data consulted, not that the domain was verified benign. Confirm. #}
{{domain}} {% if details|key:"bad" == "yes" %} malware
                      URL: {{details|key:"domain_or_url"}}
                      IP: {{details|key:"ip"}}
                      描述: {{details|key:"desc"}}
                      
{% else %} ok
{% endif %}
{# Geolocation details are printed only when the entry carries a truthy "geolocation" mapping. #}
{% if details|key:"geolocation" %} IP: {{details|key:"geolocation"|key:"ip"}}
Country: {{details|key:"geolocation"|key:"country_long"}}
Region: {{details|key:"geolocation"|key:"region"}}
City: {{details|key:"geolocation"|key:"city"}}
Latitude: {{details|key:"geolocation"|key:"latitude"}}
Longitude: {{details|key:"geolocation"|key:"longitude"}}
View: Google Map {% else %} No Geolocation information available. {% endif %}
{% endif %}

URLS

{# URL table: each urldict pairs a list of URLs ("urls") with the path they were found in ("path"). #}
{# Values are printed without the safe filter, i.e. as text subject to the engine's autoescaping. #}
{% if urls %} {% for urldict in urls %} {% endfor %}
URL FILE
{% for u in urldict|key:"urls" %} {{ u }}
{% endfor %}
{{urldict|key:"path"}}
{% endif %}

Google Firebase 数据库

{# Firebase table: one row per discovered Firebase URL. #}
{% if firebase_urls %} {% for item in firebase_urls %} {% endfor %}
FIREBASE URL 详细
{# item.open selects the high-severity "exposed publicly" wording; how openness is tested is not visible in this template. #}
{# NOTE(review): an exposed database presumably means unauthenticated reads succeed, which is fixed in the Firebase access rules. Confirm with the analyzer. #}
{{ item.url }} {% if item.open %} 危险
Firebase Database is exposed publicly. {% else %} 普通
App talks to a Firebase database. {% endif %}
{% endif %}

邮件

{# E-mail table: each email_dict pairs a list of addresses ("emails") with the path they were found in ("path"). #}
{% if emails %} {% for email_dict in emails %} {% endfor %}
邮件 文件
{% for e in email_dict|key:"emails" %} {{ e }}
{% endfor %}
{{email_dict|key:"path"}}
{% endif %}

追踪器

{# Tracker table: iterates the "trackers" list inside the trackers mapping and prints name, categories and URL. #}
{% if trackers %} {% for trk in trackers|key:"trackers" %} {% endfor %}
名称 类别 URL
{{trk.name}} {{trk.categories}} {{trk.url}}
{% endif %}

硬编码

{# Prints every entry of secrets verbatim, one per line. #}
{# The rendered report therefore contains any credential material found; store and share it with the same care as the secrets themselves. #}
{% for val in secrets %} {{ val }}
{% endfor %}

字符串

From Code

{# Only the 'strings_code' entry of strings is printed; every other key is skipped by the inner check. #}
{# The values are printed without the safe filter. #}
{% for key, val in strings.items %} {% if key == 'strings_code' %} {% for v in val %} {{ v }}
{% endfor %} {% endif %} {% endfor %}

ACTIVITIES组件

{# Full listings: every activity, service, receiver, provider, library and file, one per line. #}
{# These are the lists whose lengths and exported counts appear in the component summary. #}
{% for act in activities %} {{ act}}
{% endfor %}

SERVICES组件

{% for srv in services %} {{ srv}}
{% endfor %}

RECEIVERS组件

{% for rcv in receivers %} {{ rcv}}
{% endfor %}

PROVIDERS组件

{% for prv in providers %} {{ prv }}
{% endfor %}

LIBRARIES组件

{% for lib in libraries %} {{ lib }}
{% endfor %}

文件

{# All names above are printed without the safe filter. #}
{% for file in files %} {{ file}}
{% endfor %}

{% endblock %} {% block extra_scripts %} {% endblock %}