Releases: MobSF/mobsfscan
Releases · MobSF/mobsfscan
0.3.9
0.3.8
0.3.7
What's Changed
- [SECURITY] Fix SSRF in applink check, dependency update. by @ajinabraham in #81
Full Changelog: 0.3.6...0.3.7
0.3.6
- Added Thredpool for assetlink.json check
- Android SDK bump for manifest analysis
- Handle AppLink host with asterisk
0.3.5
- Manifest Analysis Code QA
- Added new rules
strandhogg1.0, strandhogg2.0, AppLink assetlinks.json check, improved minsdk support check
- Bump dependencies
0.3.4
- Huge Performance Improvement from libsast bump
Full Changelog: 0.3.3...0.3.4
0.3.3
- Semgrep and libsast Bump
0.3.2
- iOS Objective C Biometric rule update
- iOS Swift Biometric rule description change.
0.3.1
- Add pre-scan suppression support for android manifest files by:
- Filename
- Pathname
- Handle
None
form user supplied config
0.3.0
- IOS Swift Rules updates
- Updated or added rules
ios_biometric_bool
ios_biometric_acl
ios_keychain_weak_acl_device_passcode
ios_keychain_weak_accessibility_value
ios_insecure_random_no_generator
- Updated or added rules
- Regex Hardening: Fixes possible Regex DoS
- Add support for
--type android|ios|auto
for explicitly forcing a rule set on source directory.