StaCoAn
StaCoAn copied to clipboard
vincentcox
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
The fancy TreeView does not display on FF and IE browsers. TV invisible not initializing properly. Also the upload process seem to sometimes fail, silently. **Console IE:** > HTML1527: DOCTYPE...
sorted_tosort was wrongly indented
https://github.com/vincentcox/StaCoAn/blob/4abd2e3e7b5764b04f3b3500994428f78434200f/src/helpers/project.py#L82 There should be one tab less, so if any of you run into this issue just delete one tab on this line and it will be working a-ok.
I've just started the server and added a file for upload. Then waited 5 minutes without any result. Only after anaylzing the file directly I saw there was an issue...
``` WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.rits.cloning.Cloner (file:/Users/nils/Desktop/deploy/jadx/lib/cloning-1.9.10.jar) to field java.util.TreeSet.m WARNING: Please consider reporting this to the maintainers of com.rits.cloning.Cloner WARNING:...
Hello @vincentcox , I am facing this error after supplying the apk UnboundLocalError: local variable 'sorted_tosort' referenced before assignment [WARNING] 127.0.0.1 - - [10/Oct/2018 19:35:59] code 404, message File not...
It is recommended to add authentication module to the program to ensure that server resources are not abused. thank you :)
Consider adding these regular expressions which are not part of the list, 1. .*([a-zA-Z0-9]*-[a-zA-Z0-9]*){3,10}.* => To find salts, nonce used in code. 2. ([-]+(BEGIN\\sRSA\\sPRIVATE\\sKEY)[-]+[A-Za-z\\s0-9+/.=]{400}) => RSA Private keys 3. (?...
We can try to incorporate test cases that can be used to identify issues with SSL/TLS in Android apps. Reference Doc: https://developer.android.com/training/articles/security-ssl 1. Loading custom certificates into the Android KeyStore....
Metadata
Owner
Metadata
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.