Ajin Abraham
RULE ID: rule.ejs_ect_template DESCRIPTION: The EJS/ECT template has an unescaped variable. Untrusted user input passed to this variable results in Cross Site Scripting (XSS). TYPE: Regex PATTERN: SEVERITY: ERROR INPUTCASE:...
**Describe the bug** Exception happens here ``` Traceback (most recent call last): File "/home/seclab/Mobile-Security-Framework-MobSF/mobsf/MalwareAnalyzer/views/quark.py", line 48, in quark_analysis data.run(rule_checker) File "/home/seclab/Mobile-Security-Framework-MobSF/venv/lib/python3.9/site-packages/quark/Objects/quark.py", line 317, in run if self.check_parameter(parent_function, first_wrapper, second_wrapper): File...
### Describe the Pull Request ``` Enterprise Feature Request - False positive suppression support ``` Coverage - [x] Android - Code, Manifest - [x] iOS - Code - [x] iOS...
If you're requesting a new feature/enhancement, explain why you'd like it to be added and its importance. **Is your feature request related to a problem? Please describe.** Current way to...
## Feature Requests & Enhancements ### These feature requests/enhancements are not the top priority for the project at this time or require major rework to implement them. If you would...
See if we can integrate https://github.com/reddr/axplorer/tree/master/permissions
Recent research shows that SHA1 is a weak hash function known to have collisions. Consider updating it to stronger collision resistant (at this time) hash functions like sha256. Ref: https://shattered.io/...
Like SQLMap for SQLi, I think Commix is the de facto standard tool for Command Injection. I am working on a project for automated mobile application security assessment called Mobile...
Good, bad, confusing
Google Text Content Search Plugin based on Google Custom Search API ### Commands ### * To search a term : `/bot s ` * To get text content from a...