REST API Docs

REST API Key: cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e

Static Analysis

  1. api/v1/upload - Upload a File
  2. api/v1/scan - Scan a File
  3. api/v1/scans - Display Recent Scans
  4. api/v1/delete_scan - Delete a Scan
  5. api/v1/scorecard - App Scorecard
  6. api/v1/download_pdf - Download PDF Report
  7. api/v1/report_json - Generate JSON Report
  8. api/v1/view_source - View Source Files
  9. api/v1/compare - Compare Apps
  10. api/v1/suppress_by_rule - Suppress by Rule
  11. api/v1/suppress_by_files - Suppress by Files
  12. api/v1/list_suppressions - List Suppressions
  13. api/v1/delete_suppression - Delete Suppressions

Dynamic Analysis

  1. api/v1/dynamic/get_apps - Get Apps for Dynamic Analysis
  2. api/v1/dynamic/start_analysis - Start Dynamic Analysis
  3. api/v1/android/logcat - View Logcat
  4. api/v1/android/mobsfy - MobSFy VM/Emulator/Device
  5. api/v1/android/adb_command - Execute ADB Commands
  6. api/v1/android/root_ca - Install or Remove MobSF Root CA
  7. api/v1/android/global_proxy - Set or Unset MobSF HTTP(S) Proxy
  8. api/v1/android/activity - Activity or Exported Activity Tester
  9. api/v1/android/start_activity - Start an Activity or Exported Activity
  10. api/v1/android/tls_tests - TLS/SSL Security Tester
  11. api/v1/frida/instrument - Frida Instrument App
  12. api/v1/frida/api_monitor - Frida API Monitor
  13. api/v1/frida/get_dependencies - Frida Get Dependencies
  14. api/v1/frida/logs - Frida View Logs
  15. api/v1/frida/list_scripts - Frida List Scripts
  16. api/v1/frida/get_script - Frida Get Script
  17. api/v1/dynamic/stop_analysis - Stop Dynamic Analysis
  18. api/v1/dynamic/report_json - Dynamic Analysis JSON report
  19. api/v1/dynamic/view_source - Dynamic Analysis View Source

Upload File API

API to upload a file. Supported file types are apk, zip, ipa and appx.

  • URL: /api/v1/upload

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
file | multipart/form-data | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: {"file_name": "diva-beta.apk", "hash": "82ab8b2193b3cfb1c737e3a786be363a", "scan_type": "apk"}
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -F 'file=@/Users/ajin/Desktop/diva-beta.apk' http://localhost:8000/api/v1/upload -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"

    OR

    • curl -F 'file=@/Users/ajin/Desktop/diva-beta.apk' http://localhost:8000/api/v1/upload -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"

Scan File API

API to scan a file that is already uploaded.

  • URL: /api/v1/scan

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
scan_type | xapk, apk, apks, zip, ipa, or appx | Yes
file_name | Name of the app with extension | Yes
hash | hash of the scan | Yes
re_scan | 0 or 1, default is 0 | No

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content:
    {"act_count": "17", "api": {"Loading Native Code (Shared Library) ": {"path":
                      ["jakhar/aseem/diva/DivaJni.java"]}, "Local File I/O Operations": {"path":
                      ["jakhar/aseem/diva/InsecureDataStorage2Activity.java", "jakhar/aseem/diva/SQLInjectionActivity.java"]},
                      "Starting Activity": {"path": ["jakhar/aseem/diva/AccessControl1Activity.java",
                      "jakhar/aseem/diva/AccessControl2Activity.java", "jakhar/aseem/diva/AccessControl3Activity.java",
                      "jakhar/aseem/diva/MainActivity.java"]}, "Query Database of SMS, Contacts etc.": {"path":
                      ["jakhar/aseem/diva/AccessControl3NotesActivity.java", "jakhar/aseem/diva/NotesProvider.java"]}
                      SNIPPED
                      
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/scan --data "scan_type=apk&file_name=diva-beta.apk&hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/scan --data "scan_type=apk&file_name=diva-beta.apk&hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Delete Scan API

API to delete scan results.

  • URL: /api/v1/delete_scan

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: {"deleted": "yes"} or {"deleted": "scan hash not found"}
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/delete_scan --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/delete_scan --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

App Scorecard API

Get MobSF Application Security Scorecard

  • URL: /api/v1/scorecard

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/scorecard --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/scorecard --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Generate PDF Report API

API to generate PDF Report.

  • URL: /api/v1/download_pdf

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/pdf
      Content: PDF Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/download_pdf --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/download_pdf --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Generate JSON Report API

API to generate JSON Report.

  • URL: /api/v1/report_json

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/report_json --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/report_json --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
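
The upload, scan and report_json calls documented above chain together: the upload response returns exactly the three fields the scan call requires. The following is an added example, not MobSF's own code, that builds those requests and turns the documented {"error": ...} bodies into exceptions. MobSFError, DEMO_KEY, demo_opener and the function names are assumptions made for this example, and demo_opener is a constructed stand-in that replies with the page's sample bodies so the block runs offline.

```python
import io
import json
import os
import re
import urllib.error
import urllib.parse
import urllib.request
import uuid

DEMO_KEY = "constructed-demo-key"  # constructed value, not a real API key


class MobSFError(Exception):
    """Carries the status and the "error" text of a documented error response."""

    def __init__(self, status, message):
        super().__init__(f"HTTP {status}: {message}")
        self.status, self.message = status, message


def build_upload_request(base_url, api_key, file_name, data):
    """POST /api/v1/upload: the file travels in a multipart/form-data field named 'file'."""
    boundary = uuid.uuid4().hex
    # Send only the base name, and keep quotes/newlines out of the part header.
    safe_name = re.sub(r'[\r\n"]', "_", os.path.basename(file_name))
    body = b"".join([
        f"--{boundary}\r\n".encode(),
        f'Content-Disposition: form-data; name="file"; filename="{safe_name}"\r\n'.encode(),
        b"Content-Type: application/octet-stream\r\n\r\n",
        data,
        f"\r\n--{boundary}--\r\n".encode(),
    ])
    headers = {"X-Mobsf-Api-Key": api_key,
               "Content-Type": f"multipart/form-data; boundary={boundary}"}
    return urllib.request.Request(base_url.rstrip("/") + "/api/v1/upload",
                                  data=body, headers=headers, method="POST")


def build_form_request(base_url, api_key, endpoint, params):
    """POST /api/v1/<endpoint> with url-encoded params, like the curl --data calls."""
    return urllib.request.Request(base_url.rstrip("/") + "/api/v1/" + endpoint,
                                  data=urllib.parse.urlencode(params).encode(),
                                  headers={"X-Mobsf-Api-Key": api_key}, method="POST")


def call(request, opener=urllib.request.urlopen):
    """Send one request; return the JSON body or raise MobSFError from {"error": ...}."""
    try:
        with opener(request, timeout=300) as resp:
            return json.loads(resp.read().decode("utf-8"))
    except urllib.error.HTTPError as exc:
        raw = exc.read().decode("utf-8", "replace")
        try:
            message = json.loads(raw)["error"]
        except (ValueError, KeyError, TypeError):
            message = raw  # body was not the documented JSON shape
        raise MobSFError(exc.code, message) from None


def static_scan(base_url, api_key, file_name, data, opener=urllib.request.urlopen):
    """upload -> scan -> report_json; the upload response supplies the scan parameters."""
    up = call(build_upload_request(base_url, api_key, file_name, data), opener)
    # Assumption: scan hashes have the 32-hex-character form of the page's samples.
    if not re.fullmatch(r"[0-9a-f]{32}", str(up.get("hash", ""))):
        raise ValueError("upload response did not contain a well-formed hash")
    scan_params = {k: up[k] for k in ("scan_type", "file_name", "hash")}
    call(build_form_request(base_url, api_key, "scan", scan_params), opener)
    return call(build_form_request(base_url, api_key, "report_json",
                                   {"hash": up["hash"]}), opener)


def demo_opener(request, timeout=None):
    """Constructed stand-in for a MobSF server, replying with the page's sample bodies."""
    # urllib stores header names capitalized; on the wire they are case-insensitive.
    if request.get_header("X-mobsf-api-key") != DEMO_KEY:
        raise urllib.error.HTTPError(request.full_url, 401, "Unauthorized", {}, io.BytesIO(
            b'{"error": "You are unauthorized to make this request." }'))
    endpoint = request.full_url.rsplit("/api/v1/", 1)[1]
    bodies = {
        "upload": b'{"file_name": "diva-beta.apk", '
                  b'"hash": "82ab8b2193b3cfb1c737e3a786be363a", "scan_type": "apk"}',
        "scan": b'{"act_count": "17"}',
        "report_json": b'{"constructed": "report body"}',
    }
    return io.BytesIO(bodies[endpoint])


if __name__ == "__main__":
    # Offline run against the constructed stand-in. Against a real server, omit the
    # opener argument and read the key from the environment instead of the source.
    print(static_scan("http://localhost:8000", DEMO_KEY, "diva-beta.apk",
                      b"PK\x03\x04", demo_opener))
```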
                        

View Source Files API

API to view source files.

  • URL: /api/v1/view_source

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
file | relative file path | Yes
type | apk/ipa/studio/eclipse/ios | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=18e244926da1e49c5b8ffc1c30de8abc&type=apk&file=b/a/a/a/a/a.java" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        
    • curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=6c23c2970551be15f32bbab0b5db0c71&type=ipa&file=classdump.txt" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=18e244926da1e49c5b8ffc1c30de8abc&type=apk&file=b/a/a/a/a/a.java" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        
    • curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=6c23c2970551be15f32bbab0b5db0c71&type=ipa&file=classdump.txt" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Display Recent Scans API

API to Display Recent Scans.

  • URL: /api/v1/scans

  • Method: GET

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
page | page number | Yes
page_size | number of results per page | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: {"content": [{"id": 7, "ANALYZER": "static_analyzer_ios", "SCAN_TYPE": "ipa", "FILE_NAME": "ios.ipa", "APP_NAME": "helloworld", "PACKAGE_NAME": "com.kthcorp.helloworld", "VERSION_NAME": "1.0", "MD5": "6c23c2970551be15f32bbab0b5db0c71", "TIMESTAMP": "2020-11-15T03:17:11.733Z"}, {"id": 6, "ANALYZER": "static_analyzer", "SCAN_TYPE": "apk", "FILE_NAME": "android.apk", "APP_NAME": "HelloWorld", "PACKAGE_NAME": "opensecurity.helloworld", "VERSION_NAME": "1.0", "MD5": "3a552566097a8de588b8184b059b0158", "TIMESTAMP": "2020-11-15T03:16:34.171Z"}, {"id": 3, "ANALYZER": "static_analyzer", "SCAN_TYPE": "zip", "FILE_NAME": "ios_src.zip", "APP_NAME": "DamnVulnerableIOSApp", "PACKAGE_NAME": "com.highaltitudehacks.dvia.watchkitapp", "VERSION_NAME": "2.0", "MD5": "57bb5be0ea44a755ada4a93885c3825e", "TIMESTAMP": "2020-11-15T03:08:49.089Z"}], "count": 3, "num_pages": 1}
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl --url "http://localhost:8000/api/v1/scans" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        
    • curl --url "http://localhost:8000/api/v1/scans?page=1&page_size=10" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl --url "http://localhost:8000/api/v1/scans" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        
    • curl --url "http://localhost:8000/api/v1/scans?page=1&page_size=10" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Compare Apps API

API to Compare scan results.

  • URL: /api/v1/compare

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash1 | first scan hash | Yes
hash2 | second scan hash to compare with | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/compare --data "hash1=82ab8b2193b3cfb1c737e3a786be363a&hash2=f56c96f2b1f0a7c46eb6fef3a035f3dd" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/compare --data "hash1=82ab8b2193b3cfb1c737e3a786be363a&hash2=f56c96f2b1f0a7c46eb6fef3a035f3dd" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Suppress by Rule

Suppress findings by rule id.

  • URL: /api/v1/suppress_by_rule

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
type | code or manifest | Yes
rule | rule id | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/suppress_by_rule --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=manifest&rule=app_allowbackup" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/suppress_by_rule --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=code&rule=android_logging" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Suppress by Files

Suppress findings by files.

  • URL: /api/v1/suppress_by_files

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
type | code | Yes
rule | rule id | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/suppress_by_files --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=code&rule=app_allowbackup" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/suppress_by_files --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=code&rule=android_logging" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

View Suppressions

View suppressions associated with a scan.

  • URL: /api/v1/list_suppressions

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/list_suppressions --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/list_suppressions --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Delete Suppressions

Delete suppressions.

  • URL: /api/v1/delete_suppression

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
type | code or manifest | Yes
rule | rule id | Yes
kind | rule or file | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/delete_suppression --data "hash=82ab8b2193b3cfb1c737e3a786be363a&kind=file&type=code&rule=android_sql_raw_query" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/delete_suppression --data "hash=82ab8b2193b3cfb1c737e3a786be363a&kind=rule&type=manifest&rule=receiver_exported_intent_filter_exists" -H "X-Mobsf-Api-Key:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Get Apps API

Get Apps available for Dynamic Analysis. You must perform static analysis before attempting dynamic analysis.

  • URL: /api/v1/dynamic/get_apps

  • Method: GET

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>


  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "apks": [ { "ICON_FOUND": true, "MD5": "3a552566097a8de588b8184b059b0158", "APP_NAME": "HelloWorld", "VERSION_NAME": "1.0", "FILE_NAME": "android.apk", "PACKAGE_NAME": "opensecurity.helloworld" }, { "ICON_FOUND": true, "MD5": "6825bb9fde2fc671322df005976755a1", "APP_NAME": "Wikipedia", "VERSION_NAME": "2.7.277-r-2019-12-11", "FILE_NAME": "org.wikipedia_2.7.277-r-2019-12-11-30277_minAPI19(x86)(nodpi)_apkmirror.com.apk", "PACKAGE_NAME": "org.wikipedia" } ], "identifier": "192.168.56.139:5555", "proxy_ip": "192.168.56.1", "proxy_port": 1337, "title": "MobSF Dynamic Analysis", "version": "v3.1.8 Beta" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl --url http://localhost:8000/api/v1/dynamic/get_apps -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Start Dynamic Analysis API

Start MobSF Dynamic Analyzer. Ensure that the dynamic analysis environment (Android VM/Emulator/Device) is configured and running before calling this API.

  • URL: /api/v1/dynamic/start_analysis

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
re_install | 0 or 1, default is 1 | No
install | 0 or 1, default is 1 | No

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "screen_witdth": "1440", "screen_height": "2960", "package": "opensecurity.helloworld", "hash": "3a552566097a8de588b8184b059b0158", "android_version": 8, "version": "v3.1.8 Beta", "title": "Dynamic Analyzer" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/dynamic/start_analysis --data "hash=3a552566097a8de588b8184b059b0158" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

View Logcat API

API to view Logcat logs.

  • URL: /api/v1/android/logcat

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
package | package name of the app | Yes

  • Success Response:

    • Code: 200
      Content-Type: text/event-stream
      Content: Logcat Stream Data
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/logcat --data "package=org.wikipedia" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

MobSFy API

API to MobSFy the Android runtime environment.

  • URL: /api/v1/android/mobsfy

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
identifier | ADB identifier of Android VM/Emulator/Device | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok", "android_version": 8 }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/mobsfy --data "identifier=192.168.56.139:5555" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Execute ADB Commands API

Execute ADB commands inside VM/Emulator/Device.

  • URL: /api/v1/android/adb_command

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
cmd | non-blocking ADB commands | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok", "message": "acct\nbugreports\ncache\ncharger\nconfig\nadd\nadata\nadefault.prop\nadev\netc\nfstab.vbox86\ninit\ninit.environ.rc\ninit.rc\ninit.usb.configfs.rc\ninit.usb.rc\ninit.vbox86.rc\ninit.zygote32.rc\nmnt\nnonplat_file_contexts\nnonplat_hwservice_contexts\nnonplat_property_contexts\nnonplat_seapp_contexts\nnonplat_service_contexts\noem\nplat_file_contexts\nplat_hwservice_contexts\nplat_property_contexts\nplat_seapp_contexts\nplat_service_contexts\nproc\nrom.trace\nroot\nsbin\nsdcard\nsepolicy\nstorage\nsys\nsystem\ntmp\nueventd.rc\nueventd.vbox86.rc\nvar\nvendor\nvndservice_contexts\n" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/adb_command --data "cmd=shell ls" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Install or Remove Root CA API

API to install the MobSF Root CA on, or remove it from, the Android VM/Emulator/Device.

  • URL: /api/v1/android/root_ca

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
action | install/remove | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok", "message": "installed" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/root_ca --data "action=install" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Set or Unset MobSF Global HTTP(S) Proxy API

API to apply or remove the global HTTP(S) proxy configuration on the Android VM/Emulator/Device.

  • URL: /api/v1/android/global_proxy

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
action | set/unset | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok", "message": "set" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/global_proxy --data "action=set" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Activity or Exported Activity Tester API

API to run Activity or Exported Activity Tester.

  • URL: /api/v1/android/activity

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
test | exported/activity | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/activity --data "hash=6825bb9fde2fc671322df005976755a1&test=exported" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Start Activity or Exported Activity API

API to manually launch an Activity or Exported Activity.

  • URL: /api/v1/android/start_activity

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
activity | Fully qualified name of the activity or exported activity | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/start_activity --data "hash=6825bb9fde2fc671322df005976755a1&activity=com.package.android.MainActivity" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

TLS/SSL Security Tester API

API to run TLS/SSL Security Tester.

  • URL: /api/v1/android/tls_tests

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: {"status": "ok", "tls_tests": {"tls_misconfigured": false, "no_tls_pin_or_transparency": false, "pin_or_transparency_bypassed": false, "has_cleartext": false}}
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/android/tls_tests --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
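An added example, not part of the MobSF documentation: a fail-closed check over the tls_tests response shape shown above, usable as a gate in an automated test run. The function name, the exception class and the `blocking` policy parameter are assumptions of this example; the flag names and the error body come from the responses on this page.

```python
import json

# Flag names as they appear in the sample success response on this page.
TLS_FLAGS = ("tls_misconfigured", "no_tls_pin_or_transparency",
             "pin_or_transparency_bypassed", "has_cleartext")

# Constructed sample bodies: the page's all-false success response, a
# variant with two flags raised, and the documented 401 error body.
CLEAN = ('{"status": "ok", "tls_tests": {"tls_misconfigured": false, '
         '"no_tls_pin_or_transparency": false, '
         '"pin_or_transparency_bypassed": false, "has_cleartext": false}}')
FLAGGED = CLEAN.replace('"has_cleartext": false', '"has_cleartext": true').replace(
    '"no_tls_pin_or_transparency": false', '"no_tls_pin_or_transparency": true')
UNAUTHORIZED = '{"error": "You are unauthorized to make this request."}'


class TlsGateError(Exception):
    """The response cannot be trusted as a test result."""


def evaluate_tls_tests(status_code, body, blocking=TLS_FLAGS):
    """Return the blocking flags that are true; raise if the result is unusable."""
    try:
        doc = json.loads(body)
    except ValueError as exc:
        raise TlsGateError(f"HTTP {status_code}: body is not JSON") from exc
    if not isinstance(doc, dict):
        raise TlsGateError(f"HTTP {status_code}: unexpected JSON type")
    if status_code != 200 or "error" in doc:
        raise TlsGateError(f"HTTP {status_code}: {doc.get('error', 'no error text')}")
    tests = doc.get("tls_tests")
    if doc.get("status") != "ok" or not isinstance(tests, dict):
        raise TlsGateError("response lacks status ok or a tls_tests object")
    # Fail closed: an absent or non-boolean flag is an unusable result,
    # never an implicit pass.
    bad = [k for k in TLS_FLAGS if not isinstance(tests.get(k), bool)]
    if bad:
        raise TlsGateError(f"flags missing or not boolean: {bad}")
    return sorted(k for k in blocking if tests.get(k) is True)


if __name__ == "__main__":
    print(evaluate_tls_tests(200, CLEAN))    # no findings
    print(evaluate_tls_tests(200, FLAGGED))  # two findings
```

An empty list means no blocking flag was raised; any `TlsGateError` should fail the run rather than be treated as a pass.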
                        

Frida Instrument App API

API to start Frida Instrumentation.

  • URL: /api/v1/frida/instrument

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes
default_hooks | comma-separated default hooks to load | Yes
auxiliary_hooks | comma-separated auxiliary hooks to load | Yes
frida_code | user-defined Frida code to load | Yes
class_name | class name to perform method enumeration on when the `enum_methods` auxiliary hook is specified | No
class_search | pattern to search for when the `search_class` auxiliary hook is specified | No
class_trace | class name to trace when the `trace_class` auxiliary hook is specified | No

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/frida/instrument --data "hash=6825bb9fde2fc671322df005976755a1&default_hooks=api_monitor,ssl_pinning_bypass,root_bypass,debugger_check_bypass&auxiliary_hooks=&frida_code=" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

    OR

    • curl -X POST --url http://localhost:8000/api/v1/frida/instrument --data "hash=6825bb9fde2fc671322df005976755a1&default_hooks=api_monitor,ssl_pinning_bypass,root_bypass,debugger_check_bypass&auxiliary_hooks=enum_class,string_catch,string_compare,enum_methods,search_class,trace_class&class_name=java.io.File&class_search=ssl&class_trace=javax.net.ssl.TrustManager&frida_code=Java.perform(function()+%7B%0A++%2F%2F+Use+send()+for+logging%0A%7D)%3B" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Frida API Monitor API

API to view Frida API monitor output.

  • URL: /api/v1/frida/api_monitor

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/frida/api_monitor --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Frida Get Runtime Dependencies API

API to collect runtime dependencies.

  • URL: /api/v1/frida/get_dependencies

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: {"status": "ok"}
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/frida/get_dependencies --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Frida View Logs API

API to view Frida log output.

  • URL: /api/v1/frida/logs

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/frida/logs --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Frida List Scripts API

API to list available Frida scripts.

  • URL: /api/v1/frida/list_scripts

  • Method: GET

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>


  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok", "files": [ "hook_java_reflection", "jni_hook_by_address", "bypass_flag_secure", "file_trace", "hook_constructor", "jni_trace", "default", "get_android_id", "aes_key", "inputstream_dump", "helper" ] }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl --url http://localhost:8000/api/v1/frida/list_scripts -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Frida Get Script API

API to generate a Frida script based on the selected scripts.

  • URL: /api/v1/frida/get_script

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
scripts[] | name of the script from the output of the Frida List Scripts (/api/v1/frida/list_scripts) API | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/frida/get_script --data "scripts[]=hook_java_reflection&scripts[]=jni_hook_by_address&scripts[]=default&scripts[]=get_android_id" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Stop Dynamic Analysis API

Stop MobSF Dynamic Analyzer. This API must be called to stop dynamic analysis and prior to report generation.

  • URL: /api/v1/dynamic/stop_analysis

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: { "status": "ok" }
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/dynamic/stop_analysis --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
                        

Dynamic Analysis JSON Report API

Generate a JSON report of Dynamic Analysis. The Stop Dynamic Analysis (/api/v1/dynamic/stop_analysis) API must be called before calling this API.

  • URL: /api/v1/dynamic/report_json

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/dynamic/report_json --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"
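An added example, not part of the MobSF documentation: a small client that enforces the ordering stated above, calling stop_analysis first and requesting report_json only if the stop succeeded. The function names and the environment variable names MOBSF_URL, MOBSF_API_KEY and MOBSF_SCAN_HASH are assumptions of this example; reading the key from the environment keeps it out of scripts and shell history.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request


def make_post(base_url, api_key):
    """Return post(path, params) -> (status, parsed JSON), sending X-Mobsf-Api-Key."""
    def post(path, params):
        req = urllib.request.Request(
            base_url.rstrip("/") + path,
            data=urllib.parse.urlencode(params).encode(),
            headers={"X-Mobsf-Api-Key": api_key},
            method="POST",
        )
        try:
            with urllib.request.urlopen(req, timeout=60) as resp:
                return resp.status, json.load(resp)
        except urllib.error.HTTPError as err:
            # 401, 405, 422 and 500 responses carry {"error": ...} per this page.
            return err.code, json.load(err)
    return post


def collect_dynamic_report(post, scan_hash):
    """Stop dynamic analysis, then fetch the JSON report; skip the fetch if the stop failed."""
    status, doc = post("/api/v1/dynamic/stop_analysis", {"hash": scan_hash})
    if status != 200 or doc.get("status") != "ok":
        raise RuntimeError(f"stop_analysis failed: HTTP {status} {doc.get('error')}")
    status, report = post("/api/v1/dynamic/report_json", {"hash": scan_hash})
    if status != 200 or "error" in report:
        raise RuntimeError(f"report_json failed: HTTP {status} {report.get('error')}")
    return report


if __name__ == "__main__":
    # Environment variable names are chosen for this example (assumption).
    post = make_post(os.environ.get("MOBSF_URL", "http://localhost:8000"),
                     os.environ["MOBSF_API_KEY"])
    report = collect_dynamic_report(post, os.environ["MOBSF_SCAN_HASH"])
    print(sorted(report))  # top-level keys of the report
```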
                        

Dynamic Analysis View Source API

API to view the source of files dumped from the device after dynamic analysis. The Stop Dynamic Analysis (/api/v1/dynamic/stop_analysis) API must be called before calling this API.

  • URL: /api/v1/dynamic/view_source

  • Method: POST

  • Header: Authorization:<api_key> Or X-Mobsf-Api-Key:<api_key>

  • Data Params

Param Name | Param Value | Required
file | relative path of the file | Yes
type | xml/db/others | Yes
hash | hash of the scan | Yes

  • Success Response:

    • Code: 200
      Content-Type: application/json; charset=utf-8
      Content: JSON Contents
  • Error Response:

    • Code: 500 Internal Server Error or 405 Method Not Allowed or 422 Unprocessable Entity
      Content-Type: application/json; charset=utf-8
      Content: {"error": <error message> }

    OR

    • Code: 401 Unauthorized
      Content-Type: application/json; charset=utf-8
      Content: {"error": "You are unauthorized to make this request." }
  • Sample Call:

    • curl -X POST --url http://localhost:8000/api/v1/dynamic/view_source --data "file=data/data/org.wikipedia/shared_prefs/org.wikipedia_preferences.xml&hash=6825bb9fde2fc671322df005976755a1&type=xml" -H "Authorization:cfb87166319355a2e100221d18b203b18fae9e040052f14763b66c89676c136e"