Scan "Sieve Test App"

Application summary

Platform: android

Package: com.mwr.example.sieve

Version: 1.0

SHA1 Hash: 1017a046cd963d7be05c7d6302de48c94b4c6850

Size: 359 KB

Scan summary

Icon

Date: Feb. 9, 2018, 8:55 p.m.

Vulnerability risk dashboard
Code coverage (% methods)

332/2796 methods

Risk Title Short description
High Virustotal malware analysis (MD5 based search) VirusTotal Malware analysis
High Debug mode enabled Application is compiled with debug mode enabled
Medium Application code not obfuscated Application's source code is not obfuscated and could be decompiled to retrieve the initial source code
Medium ELF binaries do not enforce secure binary properties Application do not enforce binary protections (ASLR, NX, RELRO, Stack canaries)
Potentially Backup mode enabled Application is enabling backup mode
Potentially Intent Spoofing The application is vulnerable to intent spoofing which may lead to inappropriate access
Potentially Services declared without permissions Declared services are not protected with global permissions
Potentially SQL injection Insecure use of SQL query API vulnerable to SQL injection
Important Exported activites, services and broadcast receivers list List of all exported components (activities, services, broadcast receivers, content providers)
Important Decompiled source code Retrieved source using open-source decompilers
Info Obfuscated methods List of code obfuscation status of all application\s componenets
Info Call to native methods List of native methods calls
Info Hardcoded SQL queries list Hardcoded SQL queries constant strings
Info Hardcoded urls list Hardcoded URL constant strings
Info Call to Inter-Process-Communication (IPC) API List of Interp-Process Communication (IPC) calls
Info Call to External Storage API List of external storage API calls
Info APK files list List of all files shipped in the application.
Info Call to logging API List of logging API calls
Info APK attack surface List of components potentially accepting user input
Info Hardcoded strings list Hardcoded strings
Info Application components list List application's components
Info Android Manifest APK Manifest in XML
Info Application certificate information Application signing certificate details
Info Call to Reflection API List of reflection API calls
Info Call to Random API List of random API calls
Info Call to SQLite query API List of SQLite query API calls
Info Call to dynamic code loading API List of dynamic code loading API calls
Info List of JNI methods List of JNI methods defined in ELF files and used by the application