import os
import csv
import subprocess
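# Path to the MAVS scanner script; it is invoked once per APK as `mavs.sh -f <apk>`.
mavs_script = "./mavs-master/mavs.sh"
# Folder that is searched (non-recursively) for *.apk files.
apk_folder = "./Apk_files"
# Output CSV file path
output_csv = "./scanning_results.csv"
# Header for the CSV file. Every entry after "file name" is also the text that
# is searched for in the MAVS output to locate the line reporting that check.
csv_header = ["file name", "Hostname Verified", "auth in protected space",
              "Logging Enabled (Log.e calls)", "Logging Enabled (Logger calls)",
              "Snapshots Allowed", "Outdated Software Versions", "Backups Allowed",
              "Cleartext Allowed", "Debugging Enabled", "hardcoded *.pem files"]
# Rows collected for the CSV, one per scanned APK.
results_list = []


def _reports_vulnerable(line):
    """Return True when *line* says "Vulnerable" other than as part of "Not Vulnerable".

    A plain `"Vulnerable" in line` test is also true for "Not Vulnerable", which
    would mark every reported check as a finding.
    NOTE(review): assumes MAVS words a passing check as "Not Vulnerable" (as the
    original 1/0 comment implies) -- confirm against real mavs.sh output.
    """
    return "Vulnerable" in line.replace("Not Vulnerable", "")


def parse_mavs_output(output, checks):
    """Turn MAVS stdout into one verdict per check, in the order of *checks*.

    Args:
        output: Captured standard output of one MAVS run.
        checks: Check names to look for (the CSV columns after "file name").

    Returns:
        A list with exactly one entry per check: "1" if any line naming the
        check reports it as vulnerable, "0" if the check is named but not
        reported vulnerable, and "" if the check never appears in the output.
        Keeping one entry per check stops a missing or repeated line from
        shifting later verdicts into the wrong CSV column, and the blank cell
        keeps "not reported" distinguishable from "not vulnerable".
    """
    lines = output.split("\n")
    verdicts = []
    for check in checks:
        matching = [line for line in lines if check in line]
        if not matching:
            verdicts.append("")
        elif any(_reports_vulnerable(line) for line in matching):
            verdicts.append("1")
        else:
            verdicts.append("0")
    return verdicts


def main():
    """Scan every APK in `apk_folder` with MAVS and write the verdicts to `output_csv`."""
    # Sorted so the row order of the CSV is reproducible between runs.
    apk_names = sorted(name for name in os.listdir(apk_folder) if name.endswith(".apk"))

    for number, apk_file in enumerate(apk_names, start=1):
        apk_path = os.path.join(apk_folder, apk_file)
        # Print scanning progress
        print(f"{number}. Scanning {apk_file}....")

        # Argument list, no shell: the APK file name is never parsed as shell syntax here.
        result = subprocess.run([mavs_script, "-f", apk_path],
                                capture_output=True, text=True)
        if result.returncode != 0:
            # What a non-zero status means for mavs.sh is not visible from this
            # script; surface it so an aborted scan is not read as a clean one.
            print(f"   Warning: MAVS exited with status {result.returncode} "
                  f"for {apk_file}; results may be incomplete")

        results_list.append([apk_file] + parse_mavs_output(result.stdout, csv_header[1:]))

    # NOTE(review): APK file names are written to the CSV unmodified. If the
    # folder can hold untrusted samples, a name beginning with "=", "+", "-" or
    # "@" may be evaluated as a formula when the CSV is opened in a spreadsheet.
    with open(output_csv, "w", newline="") as csvfile:
        csv_writer = csv.writer(csvfile)
        csv_writer.writerow(csv_header)
        csv_writer.writerows(results_list)

    # Print a message indicating the CSV file generation completion
    print(f"\nCSV file generated: {output_csv}")


if __name__ == "__main__":
    main()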