UP
powered by

Mobile X-Ray

N/A tests running
apps tested

Just upload your iOS or Android mobile app to start a DAST, SAST and behavioral audit for OWASP Mobile Top 10 and other vulnerabilities.

Provided "as is" without any warranty of any kind
  • Step 1 Upload a mobile app
  • Step 2 Wait a moment
  • Step 3 View report

About the Service

This free online service is provided and operated by High-Tech Bridge for the benefit of cybersecurity community and independent mobile application developers.

It promptly detects the wide spectrum of most common weaknesses and vulnerabilities, including OWASP Mobile Top Ten, and provides a user-friendly report with remediation guidance.

The test is compounded of the following groups:

  • Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST)
  • Behavior Testing for privacy and malicious functionality
  • Data encryption testing when communicating with APIs and Web Services

The free service can test mobile applications for the following platform:

  • Android
  • Native Applications
  • Hybrid Applications (Cordova, PhoneGap, React, Xamarin)
  • iOS
  • Native Aplications
  • Hybrid Aplications (Cordova, PhoneGap, React, Xamarin)
For iOS developers: if you wish to test an iOS app it has to be compiled as a Simulator App. Provided are the steps to do this:

1. Run XCode and open your project
2. Right-click your Project Name and select "Show in Finder."
3. Right-click YourProject.xcodeproj and navigate to "Open With > Terminal".
4. Run "cd .." - your current working directory in the terminal is now your project's main directory.
5. Determine which iPhone Simulator you can build to by running "xcodebuild -showsdks"
6. Build your ap with the following command "xcodebuild -arch i386 -sdk iphonesimulator{version}"
7. Go to build/Release-iphonesimulator and zip file YourProject.app

Might you have any suggestions on how to improve the service please contact us by email:

SAST

Mobile X-Ray performs Static Application Security Testing (SAST) to detect the following weaknesses and vulnerabilities:

    DAST

    Mobile X-Ray performs Dynamic Application Security Testing (DAST) to detect the following weaknesses and vulnerabilities:

      Behavioral

      Mobile X-Ray performs behavioral testing to detect when mobile application tries to access some sensitive or privacy-related functions:

          Sample Mobile Application Test Results Trends & Statistics

          Powered and provided by ImmuniWeb® Application Security Platform.