API Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664
api/v1/upload
- Upload a Fileapi/v1/scan
- Scan a Fileapi/v1/scan_logs
- Display Live Scan Logsapi/v1/search
- Search a Scanapi/v1/scans
- Display Recent Scansapi/v1/tasks
- Display Scan Tasksapi/v1/delete_scan
- Delete a Scanapi/v1/scorecard
- App Scorecardapi/v1/download_pdf
- Download PDF Reportapi/v1/report_json
- Generate JSON Reportapi/v1/view_source
- View Source Filesapi/v1/compare
- Compare Appsapi/v1/suppress_by_rule
- Suppress by Ruleapi/v1/suppress_by_files
- Suppress by Filesapi/v1/list_suppressions
- List Suppressionsapi/v1/delete_suppression
- Delete Suppressionsapi/v1/dynamic/get_apps
- Get Apps for Dynamic Analysisapi/v1/dynamic/start_analysis
- Start Dynamic Analysisapi/v1/android/logcat
- View Logcatapi/v1/android/mobsfy
- MobSFy VM/Emulator/Deviceapi/v1/android/adb_command
- Execute ADB Commandsapi/v1/android/root_ca
- Install or Remove MobSF Root CAapi/v1/android/global_proxy
- Set or Unset MobSF HTTP(S) Proxyapi/v1/android/activity
- Activity or Exported Activity Testerapi/v1/android/start_activity
- Start an Activity or Exported Activityapi/v1/android/tls_tests
- TLS/SSL Security Testerapi/v1/frida/instrument
- Frida Instrument Appapi/v1/frida/api_monitor
- Frida API Monitorapi/v1/frida/get_dependencies
- Frida Get Dependenciesapi/v1/frida/logs
- Frida View Logsapi/v1/frida/list_scripts
- Frida List Scriptsapi/v1/frida/get_script
- Frida Get Scriptapi/v1/dynamic/stop_analysis
- Stop Dynamic Analysisapi/v1/dynamic/report_json
- Dynamic Analysis JSON reportapi/v1/dynamic/view_source
- Dynamic Analysis View Sourceapi/v1/ios/corellium_supported_models
- Supported Corellium iOS Modelsapi/v1/ios/corellium_ios_versions
- Supported Corellium iOS Versionsapi/v1/ios/corellium_create_ios_instance
- Create an iOS VM in Corelliumapi/v1/ios/dynamic_analysis
- iOS Dynamic Analysisapi/v1/ios/corellium_start_instance
- Start iOS VM in Corelliumapi/v1/ios/corellium_stop_instance
- Stop iOS VM in Corelliumapi/v1/ios/corellium_unpause_instance
- Unpause iOS VM in Corelliumapi/v1/ios/corellium_reboot_instance
- Reboot iOS VM in Corelliumapi/v1/ios/corellium_destroy_instance
- Destroy iOS VM in Corelliumapi/v1/ios/corellium_list_apps
- List Apps in Corellium iOS VMapi/v1/ios/setup_environment
- Setup iOS Dynamic Analysis Environmentapi/v1/ios/dynamic_analyzer
- iOS Dynamic Analyzerapi/v1/ios/run_app
- Run Appapi/v1/ios/stop_app
- Stop Appapi/v1/ios/remove_app
- Remove Appapi/v1/ios/take_screenshot
- Take Screenshotapi/v1/ios/get_app_container_path
- Get App Container Pathapi/v1/ios/network_capture
- Network Captureapi/v1/ios/live_pcap_download
- Live PCAP Downloadapi/v1/ios/ssh_execute
- SSH Executeapi/v1/ios/download_app_data
- Download App Dataapi/v1/ios/instance_input
- Instance Inputapi/v1/ios/system_logs
- System Logsapi/v1/ios/file_upload
- File Uploadapi/v1/ios/file_download
- File Downloadapi/v1/frida/ios_instrument
- Frida Instrument Appapi/v1/dynamic/ios_report_json
- iOS Dynamic Analysis ReportAPI to upload a file. Supported file types are apk, zip, ipa and appx.
URL: /api/v1/upload
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
file | multipart/form-data | Yes |
Success Response:
200
application/json; charset=utf-8
{"file_name": "diva-beta.apk", "hash": "82ab8b2193b3cfb1c737e3a786be363a", "scan_type": "apk"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -F 'file=@/Users/ajin/Desktop/diva-beta.apk' http://localhost:8000/api/v1/upload -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -F 'file=@/Users/ajin/Desktop/diva-beta.apk' http://localhost:8000/api/v1/upload -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to scan a file that is already uploaded. Supports scanning apk, xapk, apks, jar, aar, zip, ipa, so, dylib, a, and appx extensions.
URL: /api/v1/scan
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
re_scan | 0 or 1, default is 0 | No |
Success Response:
200
application/json; charset=utf-8
{"act_count": "17", "api": {"Loading Native Code (Shared Library) ": {"path":
["jakhar/aseem/diva/DivaJni.java"]}, "Local File I/O Operations": {"path":
["jakhar/aseem/diva/InsecureDataStorage2Activity.java", "jakhar/aseem/diva/SQLInjectionActivity.java"]},
"Starting Activity": {"path": ["jakhar/aseem/diva/AccessControl1Activity.java",
"jakhar/aseem/diva/AccessControl2Activity.java", "jakhar/aseem/diva/AccessControl3Activity.java",
"jakhar/aseem/diva/MainActivity.java"]}, "Query Database of SMS, Contacts etc.": {"path":
["jakhar/aseem/diva/AccessControl3NotesActivity.java", "jakhar/aseem/diva/NotesProvider.java"]}
SNIPPED
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/scan --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/scan --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API that provides live and latest scan logs.
URL: /api/v1/scan_logs
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
{ "logs": [ { "timestamp": "2024-08-04 00:23:35", "status": "Generating Hashes",
"exception": null }, { "timestamp": "2024-08-04 00:23:35", "status": "
Extracting APK", "exception": null }, { "timestamp": "2024-08-04 00:23:35",
"status": "Unzipping", "exception": null },
SNIPPED
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/scan_logs --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/scan_logs --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API for querying scan results. You can search using an MD5 checksum, app name, package name, or file name. The API returns the closest match based on your search term.
URL: /api/v1/search
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
query | hash of the scan or text | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
404 Not Found
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <You can search by MD5, app name, package name, or file name.> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/search --data "query=com.foo.bar" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/search --data "query=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to delete scan results.
URL: /api/v1/delete_scan
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
{"deleted": "yes"}
or {"deleted": "scan hash not found"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/delete_scan --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/delete_scan --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Get MobSF Application Security Scorecard
URL: /api/v1/scorecard
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/scorecard --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/scorecard --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to generate PDF Report.
URL: /api/v1/download_pdf
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/pdf
PDF Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/download_pdf --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/download_pdf --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to generate JSON Report.
URL: /api/v1/report_json
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/report_json --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/report_json --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to view source files.
URL: /api/v1/view_source
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
file | relative file path | Yes |
type | apk/ipa/studio/eclipse/ios | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=18e244926da1e49c5b8ffc1c30de8abc&type=apk&file=b/a/a/a/a/a.java" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=6c23c2970551be15f32bbab0b5db0c71&type=ipa&file=classdump.txt" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=18e244926da1e49c5b8ffc1c30de8abc&type=apk&file=b/a/a/a/a/a.java" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
curl -X POST --url http://localhost:8000/api/v1/view_source --data "hash=6c23c2970551be15f32bbab0b5db0c71&type=ipa&file=classdump.txt" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to Display Recent Scans.
URL: /api/v1/scans
Method: GET
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
page | the number of page | Yes |
page_size | per page size | Yes |
Success Response:
200
application/json; charset=utf-8
{"content": [{"id": 7, "ANALYZER": "static_analyzer_ios", "SCAN_TYPE": "ipa", "FILE_NAME": "ios.ipa", "APP_NAME": "helloworld", "PACKAGE_NAME": "com.kthcorp.helloworld", "VERSION_NAME": "1.0", "MD5": "6c23c2970551be15f32bbab0b5db0c71", "TIMESTAMP": "2020-11-15T03:17:11.733Z"}, {"id": 6, "ANALYZER": "static_analyzer", "SCAN_TYPE": "apk", "FILE_NAME": "android.apk", "APP_NAME": "HelloWorld", "PACKAGE_NAME": "opensecurity.helloworld", "VERSION_NAME": "1.0", "MD5": "3a552566097a8de588b8184b059b0158", "TIMESTAMP": "2020-11-15T03:16:34.171Z"}, {"id": 3, "ANALYZER": "static_analyzer", "SCAN_TYPE": "zip", "FILE_NAME": "ios_src.zip", "APP_NAME": "DamnVulnerableIOSApp", "PACKAGE_NAME": "com.highaltitudehacks.dvia.watchkitapp", "VERSION_NAME": "2.0", "MD5": "57bb5be0ea44a755ada4a93885c3825e", "TIMESTAMP": "2020-11-15T03:08:49.089Z"}], "count": 3, "num_pages": 1}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl --url "http://localhost:8000/api/v1/scans" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
curl --url "http://localhost:8000/api/v1/scans?page=1&page_size=10" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl --url "http://localhost:8000/api/v1/scans" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
curl --url "http://localhost:8000/api/v1/scans?page=1&page_size=10" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Displays the scan tasks queue, accessible only when the asynchronous scan queue is enabled.
URL: /api/v1/tasks
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/tasks -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/tasks -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to Compare scan results.
URL: /api/v1/compare
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash1 | first scan hash | Yes |
hash2 | second scan hash to compare with | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/compare --data "hash1=82ab8b2193b3cfb1c737e3a786be363a&hash2=f56c96f2b1f0a7c46eb6fef3a035f3dd" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/compare --data "hash1=82ab8b2193b3cfb1c737e3a786be363a&hash2=f56c96f2b1f0a7c46eb6fef3a035f3dd" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Suppress findings by rule id.
URL: /api/v1/suppress_by_rule
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
type | code or manifest | Yes |
rule | rule id | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/suppress_by_rule --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=manifest&rule=app_allowbackup" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/suppress_by_rule --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=code&rule=android_logging" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Suppress findings by files.
URL: /api/v1/suppress_by_files
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
type | code | Yes |
rule | rule id | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/suppress_by_files --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=code&rule=app_allowbackup" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/suppress_by_files --data "hash=82ab8b2193b3cfb1c737e3a786be363a&type=code&rule=android_logging" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
View suppressions associated with a scan.
URL: /api/v1/list_suppressions
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/list_suppressions --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/list_suppressions --data "hash=82ab8b2193b3cfb1c737e3a786be363a" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Delete suppressions.
URL: /api/v1/delete_suppression
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
type | code or manifest | Yes |
rule | rule id | Yes |
kind | rule or file | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/delete_suppression --data "hash=82ab8b2193b3cfb1c737e3a786be363a&kind=file&type=code&rule=android_sql_raw_query" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/delete_suppression --data "hash=82ab8b2193b3cfb1c737e3a786be363a&kind=rule&type=manifest&rule=receiver_exported_intent_filter_exists" -H "X-Mobsf-Api-Key: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Get Apps available for Dynamic Analysis. You must perform static analysis before attempting dynamic analysis.
URL: /api/v1/dynamic/get_apps
Method: GET
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Success Response:
200
application/json; charset=utf-8
{
"apks": [
{
"MD5": "3a552566097a8de588b8184b059b0158",
"APP_NAME": "HelloWorld",
"VERSION_NAME": "1.0",
"FILE_NAME": "android.apk",
"PACKAGE_NAME": "opensecurity.helloworld"
},
{
"MD5": "6825bb9fde2fc671322df005976755a1",
"APP_NAME": "Wikipedia",
"VERSION_NAME": "2.7.277-r-2019-12-11",
"FILE_NAME": "org.wikipedia_2.7.277-r-2019-12-11-30277_minAPI19(x86)(nodpi)_apkmirror.com.apk",
"PACKAGE_NAME": "org.wikipedia"
},
],
"identifier": "192.168.56.139:5555",
"proxy_ip": "192.168.56.1",
"proxy_port": 1337,
"title": "MobSF Dynamic Analysis",
"version": "v3.1.8 Beta"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl --url http://localhost:8000/api/v1/dynamic/get_apps -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Start MobSF Dynamic Analyzer. Ensure that dynamic analysis environment (Android VM/Emulator/Device) is configured and running before calling this API.
URL: /api/v1/dynamic/start_analysis
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
re_install | 0 or 1, default is 1 | No |
install | 0 or 1, default is 1 | No |
Success Response:
200
application/json; charset=utf-8
{
"screen_witdth": "1440",
"screen_height": "2960",
"package": "opensecurity.helloworld",
"hash": "3a552566097a8de588b8184b059b0158",
"android_version": 8,
"version": "v3.1.8 Beta",
"title": "Dynamic Analyzer"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/dynamic/start_analysis --data "hash=3a552566097a8de588b8184b059b0158" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API view Logcat logs.
URL: /api/v1/android/logcat
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
package | package name of the app | Yes |
Success Response:
200
text/event-stream
Logcat Stream Data
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/logcat --data "package=org.wikipedia" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to MobSFY android runtime environment.
URL: /api/v1/android/mobsfy
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
identifier | ADB identifier of Android VM/Emulator/Device | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok",
"android_version": 8
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/mobsfy --data "identifier=192.168.56.139:5555" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Execute ADB commands inside VM/Emulator/Device.
URL: /api/v1/android/adb_command
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
cmd | non blocking adb commands | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok",
"message": "acct\nbugreports\ncache\ncharger\nconfig\nadd\nadata\nadefault.prop\nadev\netc\nfstab.vbox86\ninit\ninit.environ.rc\ninit.rc\ninit.usb.configfs.rc\ninit.usb.rc\ninit.vbox86.rc\ninit.zygote32.rc\nmnt\nnonplat_file_contexts\nnonplat_hwservice_contexts\nnonplat_property_contexts\nnonplat_seapp_contexts\nnonplat_service_contexts\noem\nplat_file_contexts\nplat_hwservice_contexts\nplat_property_contexts\nplat_seapp_contexts\nplat_service_contexts\nproc\nrom.trace\nroot\nsbin\nsdcard\nsepolicy\nstorage\nsys\nsystem\ntmp\nueventd.rc\nueventd.vbox86.rc\nvar\nvendor\nvndservice_contexts\n"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/adb_command --data "cmd=shell ls" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to install or remove MobSF Root CA to or from the Android VM/Emulator/Device.
URL: /api/v1/android/root_ca
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
action | install/remove | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok",
"message": "installed"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/root_ca --data "action=install" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to apply or remove global HTTP(S) proxy configuration to Android VM/Emulator/Device.
URL: /api/v1/android/global_proxy
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
action | set/unset | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok",
"message": "set"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/global_proxy --data "action=set" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to run Activity or Exported Activity Tester.
URL: /api/v1/android/activity
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
test | exported/activity | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/activity --data "hash=6825bb9fde2fc671322df005976755a1&test=exported" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to manually launch an Activity or Exported Activity.
URL: /api/v1/android/start_activity
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
activity | Fully qualified name of the activity or exported activity | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/start_activity --data "hash=6825bb9fde2fc671322df005976755a1&activity=com.package.android.MainActivity" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to run TLS/SSL Security Tester.
URL: /api/v1/android/tls_tests
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "tls_tests": {"tls_misconfigured": false, "no_tls_pin_or_transparency": false, "pin_or_transparency_bypassed": false, "has_cleartext": false}}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/android/tls_tests --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to start Frida Instrumentation.
URL: /api/v1/frida/instrument
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
default_hooks | comma separated default hooks to load | Yes |
auxiliary_hooks | comma separated auxiliary hooks to load | Yes |
frida_code | user defined frida code to load | Yes |
class_name | class name to perform method enumeration when `enum_methods` auxiliary_hook is specified | No |
class_search | pattern to search when `search_class` auxiliary_hook is specified | No |
class_trace | class name to trace when `trace_class` auxiliary_hook is specified | No |
frida_action | spawn/session/ps. The default action is spawn | No |
new_package | New package name to attach | No |
pid | Process id of the new package to attach | No |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/frida/instrument --data "hash=6825bb9fde2fc671322df005976755a1&default_hooks=api_monitor,ssl_pinning_bypass,root_bypass,debugger_check_bypass&auxiliary_hooks=&frida_code=" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
OR
curl -X POST --url http://localhost:8000/api/v1/frida/instrument --data "hash=6825bb9fde2fc671322df005976755a1&default_hooks=api_monitor,ssl_pinning_bypass,root_bypass,debugger_check_bypass&auxiliary_hooks=enum_class,string_catch,string_compare,enum_methods,search_class,trace_class&class_name=java.io.File&class_search=ssl&class_trace=javax.net.ssl.TrustManager&frida_code=Java.perform(function()+%7B%0A++%2F%2F+Use+send()+for+logging%0A%7D)%3B" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to view Frida API monitor output.
URL: /api/v1/frida/api_monitor
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/frida/api_monitor --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to collect runtime dependencies.
URL: /api/v1/frida/get_dependencies
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/frida/get_dependencies --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to view Frida log output.
URL: /api/v1/frida/logs
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/frida/logs --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to list available frida scripts.
URL: /api/v1/frida/list_scripts
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
device | android/ios | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok",
"files": [
"hook_java_reflection",
"jni_hook_by_address",
"bypass_flag_secure",
"file_trace",
"hook_constructor",
"jni_trace",
"default",
"get_android_id",
"aes_key",
"inputstream_dump",
"helper"
]
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/frida/list_scripts --data "device=android" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to generate frida script based on selection.
URL: /api/v1/frida/get_script
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
scripts[] | name of the script from the output of Frida List Scripts (/api/v1/frida/list_scripts) API. | Yes |
device | android/ios | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/frida/get_script --data "device=android&scripts[]=hook_java_reflection&scripts[]=jni_hook_by_address&scripts[]=default&scripts[]=get_android_id" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Stop MobSF Dynamic Analyzer. This API must be called to stop dynamic analysis and prior to report generation.
URL: /api/v1/dynamic/stop_analysis
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
{
"status": "ok"
}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/dynamic/stop_analysis --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Generate JSON Report of Dynamic Analysis. Stop Dynamic Analysis (/api/v1/dynamic/stop_analysis) API must be called before calling this API.
URL: /api/v1/dynamic/report_json
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/dynamic/report_json --data "hash=6825bb9fde2fc671322df005976755a1" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
API to view source of files dumped from device after dynamic analysis. Stop Dynamic Analysis (/api/v1/dynamic/stop_analysis) API must be called before calling this API.
URL: /api/v1/dynamic/view_source
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
file | relative path of the file | Yes |
type | xml/db/others | Yes |
hash | hash of the scan | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/dynamic/view_source --data "file=data/data/org.wikipedia/shared_prefs/org.wikipedia_preferences.xml&hash=6825bb9fde2fc671322df005976755a1&type=xml" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
List out supported iOS Corellium VMs.
URL: /api/v1/ios/corellium_supported_models
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_supported_models -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
List out supported iOS versions for a device.
URL: /api/v1/ios/corellium_ios_versions
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
model | iOS model | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_ios_versions --data "model=iPhone15,3" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Create a jailbroken iOS instance in Corellium with desired flavor and iOS version.
URL: /api/v1/ios/corellium_create_ios_instance
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
project_id | Corellium Project ID | Yes |
name | Name of the VM | Yes |
flavor | iOS Flavor | Yes |
version | iOS Version | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_create_ios_instance --data "project_id=728bb423-68bc-4300-a484-6e32a43be9cf&name=iosvm&flavor=iphone15p&version=16.0" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
List iOS Instance & Apps Available for Dynamic Analysis.
URL: /api/v1/ios/dynamic_analysis
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/dynamic_analysis -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Start iOS VM in previously created in Corellium by instance identifier.
URL: /api/v1/ios/corellium_start_instance
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS VM instance identifier | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Starting VM Instance"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_start_instance --data "instance_id=ce9cf65d-5ce5-4fad-823f-5d784c802d21" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Stop iOS VM in Corellium by instance identifier.
URL: /api/v1/ios/corellium_stop_instance
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS VM instance identifier | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Instance stopped"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_stop_instance --data "instance_id=ce9cf65d-5ce5-4fad-823f-5d784c802d21" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Unpause iOS VM in Corellium by instance identifier.
URL: /api/v1/ios/corellium_unpause_instance
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS VM instance identifier | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Instance unpaused"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_unpause_instance --data "instance_id=ce9cf65d-5ce5-4fad-823f-5d784c802d21" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Reboot iOS VM in Corellium by instance identifier.
URL: /api/v1/ios/corellium_reboot_instance
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS VM instance identifier | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Rebooting instance"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_reboot_instance --data "instance_id=ce9cf65d-5ce5-4fad-823f-5d784c802d21" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Destroy iOS VM in Corellium by instance identifier.
URL: /api/v1/ios/corellium_destroy_instance
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS VM instance identifier | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Destroying instance"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_destroy_instance --data "instance_id=ce9cf65d-5ce5-4fad-823f-5d784c802d21" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
List all apps present in the Corellium iOS VM.
URL: /api/v1/ios/corellium_list_apps
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Data Params
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS VM instance identifier | Yes |
Success Response:
200
application/json; charset=utf-8
JSON Contents
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/corellium_list_apps --data "instance_id=ce9cf65d-5ce5-4fad-823f-5d784c802d21" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Setup iOS Dynamic Analysis Environment for an IPA. This API call is required for apps not installed in the Corellium iOS VM.
URL: /api/v1/ios/setup_environment
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id | Yes |
hash | MD5 hash of the IPA file | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Testing Environment is Ready!"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/setup_environment --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&hash=35469622303ba10a2195557a3ad1810a" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Start iOS Dynamic Analyzer with an app. Setup environment (api/v1/ios/setup_environment) API should be called before running dynamic analyzer for IPAs not installed in the Corellium VM.
URL: /api/v1/ios/dynamic_analyzer
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"hash": "9d6698108e706f669183737f8d20e1e4", "instance_id": "bd057756-87a8-45a6-945d-35c7ce48eafe", "bundle_id": "com.highaltitudehacks.DVIAswiftv2", "version": "v3.9.4 Beta", "form": null, "title": "iOS Dynamic Analyzer"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/dynamic_analyzer --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&bundle_id=com.highaltitudehacks.DVIAswiftv2" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Run the app in the Corellium VM.
URL: /api/v1/ios/run_app
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "App Started"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/run_app --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&bundle_id=com.highaltitudehacks.DVIAswiftv2" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Kill the app in the Corellium VM.
URL: /api/v1/ios/stop_app
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "App Killed"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/stop_app --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&bundle_id=com.highaltitudehacks.DVIAswiftv2" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Remove an app from the Corellium VM.
URL: /api/v1/ios/remove_app
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "App uninstalled"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/remove_app --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&bundle_id=com.highaltitudehacks.DVIAswiftv2" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Take a screenshot.
URL: /api/v1/ios/take_screenshot
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA..."}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/take_screenshot --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Get App container path. App must be instrumented before calling this API.
URL: /api/v1/ios/get_app_container_path
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "/var/mobile/Containers/Data/Application/DDEACD38-727E-491C-AB9B-5DE80BB9EA71/"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/get_app_container_path --data "bundle_id=com.highaltitudehacks.DVIAswiftv2" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Enable/Disable Network Capture.
URL: /api/v1/ios/network_capture
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
state | on/off | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Enabled network capture"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/network_capture --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&state=on" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Download live packet capture.
URL: /api/v1/ios/live_pcap_download
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/vnd.tcpdump.pcap
PCAP File
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/live_pcap_download --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Execute OS Commands inside the VM over SSH.
URL: /api/v1/ios/ssh_execute
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
cmd | OS Command | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Library\nMedia\n\n"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/ssh_execute --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&cmd=ls" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Download app data from the VM.
URL: /api/v1/ios/download_app_data
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Downloaded application data"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/download_app_data --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&bundle_id=com.highaltitudehacks.DVIAswiftv2" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Provide text, swipe and touch events to the VM
URL: /api/v1/ios/instance_input
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
x | x-axis integer / Text input text when event parameter is set to text | No |
y | y-axis integer | No |
event | text/home/enter/backspace/left/right/swipe_up/swipe_down/swipe_left/swipe_right/touch. | No |
max_x | Max Screen size x-axis | No |
max_y | Max Screen size y-axis | No |
Success Response:
200
application/json; charset=utf-8
{"status": "ok"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/instance_input --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&x=264&y=824&event=finger&max_x=750&max_y=1334" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Get VM system logs.
URL: /api/v1/ios/system_logs
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "iBoot version: iHoot-1975.1.46.1.2\r\ncorecrypto_kex..."}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/system_logs --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Upload a file to the the VM.
URL: /api/v1/ios/file_upload
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
file | multipart/form-data | Yes |
Success Response:
200
application/json; charset=utf-8
{"status": "ok"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -F "file=@/Users/foo/foo.sh" -F "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe" --url http://localhost:8000/api/v1/ios/file_upload -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Download a file from the VM.
URL: /api/v1/ios/file_download
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
file | Path to the file in VM | Yes |
Success Response:
200
application/octet-stream
File Data
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/ios/file_download --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&file=/var/mobile/Containers/Data/Application/6DC4F886-537F-4F6D-87EE-ED976F4F4682/Library/Application Support/com.braze.core.persistence/data/61cbc3f/remote-configuration.json" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Instrument iOS App.
URL: /api/v1/frida/ios_instrument
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
hash | MD5 hash of the IPA file | Yes |
default_hooks | comma separated default hooks to load | Yes |
dump_hooks | comma separated dump hooks to load (network,crypto,cookies,file-access,json,sqlite,data-dir,keychain,nslog,text-inputs,nsurlcredentialstorage,nsuserdefaults,pasteboard) | Yes |
auxiliary_hooks | comma separated auxiliary hooks to load | Yes |
frida_code | user defined frida code to load | Yes |
class_name | class name to perform method enumeration when `enum_methods` auxiliary_hook is specified | No |
class_search | pattern to search when `search_class` auxiliary_hook is specified | No |
class_trace | class name to trace when `trace_class` auxiliary_hook is specified | No |
method_search | look for classes with this method | No |
frida_action | spawn/session/ps. The default action is spawn | No |
new_package | New package name to attach | No |
pid | Process id of the new package to attach | No |
Success Response:
200
application/json; charset=utf-8
{"status": "ok", "message": "Frida Instrumentation successful"}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/frida/ios_instrument --data "frida_action=spawn&pid=&new_bundle_id=&hash=f49355aa96053a36248905f78d5419a8&bundle_id=com.1debit.beta.ChimeApp&instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&default_hooks=jailbreak_bypass&dump_hooks=network,crypto,cookies,file-access,json,sqlite,data-dir,keychain,nslog,text-inputs,nsurlcredentialstorage,nsuserdefaults,pasteboard&auxiliary_hooks=&class_name=&class_search=&method_search=asdad&class_trace=&frida_code=" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"
Get iOS Dynamic Analysis Report.
URL: /api/v1/dynamic/ios_report_json
Method: POST
Header: Authorization: <api_key>
Or X-Mobsf-Api-Key: <api_key>
Param Name | Param Value | Required |
---|---|---|
instance_id | iOS instance id (Available from /api/v1/ios/dynamic_analysis) | Yes |
bundle_id | iOS app bundle id (Available from /api/v1/ios/dynamic_analysis) | Yes |
Success Response:
200
application/json; charset=utf-8
{"hash": "9d6698108e706f669183737f8d20e1e4", "version": "v3.9.4 Beta", "title": "iOS Dynamic Analysis Report", "instance_id": "bd057756-87a8-45a6-945d-35c7ce48eafe", "bundleid": "com.highaltitudehacks.DVIAswiftv2", "trackers": {"detected_trackers": 0, "total_trackers": 432,...."}
Error Response:
500 Internal Server Error
or 405 Method Not Allowed
or 422 Unprocessable Entity
application/json; charset=utf-8
{"error": <error message> }
OR
401 Unauthorized
application/json; charset=utf-8
{"error": "You are unauthorized to make this request." }
Sample Call:
curl -X POST --url http://localhost:8000/api/v1/dynamic/ios_report_json --data "instance_id=bd057756-87a8-45a6-945d-35c7ce48eafe&bundle_id=com.highaltitudehacks.DVIAswiftv2" -H "Authorization: ed3b2e68167514dff1c364334fc20451071ead482248f88cea1f2372d429e664"