Mobile Security Framework (MobSF)

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

MobSF Documentation:

Linux requirements:

  • Install Git: sudo apt-get install git
  • Install Python 3.8-3.9: sudo apt-get install python3.8
  • Install JDK 8+: sudo apt-get install openjdk-8-jdk
  • Install the following dependencies:
    sudo apt install python3-dev python3-venv python3-pip build-essential libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev wkhtmltopdf

For the Dynamic Analyzer to run, Genymotion and Android Studio Emulator can be used.
(According to the framework documentation the prefered option is Genymotion)


git clone
cd Mobile-Security-Framework-MobSF



In your web browser, navigate to http://localhost:8000/ to access MobSF web interface.

To test the Framework, this vulnerable Android app can be used:

Possible Errors:

# TypeError: expected str, bytes or os.PathLike object, not NoneType on file: /usr/lib/python3.8/


$ sudo nano /usr/lib/python3.8/

st = os.stat(str(path))