Version 1.0.0

.env.example

@@ -0,0 +1,25 @@
+SECRET_KEY='akj)aa@2rp+$duf_m$)4!@cc#()h@q(ag0f=h8#1@dlpdouni5'
+DEBUG=0
+DJANGO_ALLOWED_HOSTS=web localhost 127.0.0.1 [::1]
+ENV=PROD
+SQL_ENGINE=django.db.backends.postgresql
+SQL_DATABASE=postgres
+SQL_USER=postgres
+SQL_PASSWORD=postgres
+SQL_HOST=db
+SQL_PORT=5432
+LANG=en_US.UTF-8
+CWE_URL=https://cwe.mitre.org/data/definitions/
+DEFECTDOJO_URL=http://defectdojo:8080/finding/
+DEFECTDOJO_API_URL=http://defectdojo:8080/api/v2/
+DEFECTDOJO_API_KEY=
+DEFECTDOJO_ENABLED=False
+MALWAREDB_ENABLED=True
+MALWAREDB_URL=https://www.malwaredomainlist.com/mdlcsv.php
+VIRUSTOTAL_ENABLED=False
+VIRUSTOTAL_URL=https://www.virustotal.com/
+VIRUSTOTAL_FILE_URL=https://www.virustotal.com/gui/file/
+VIRUSTOTAL_API_URL_V3=https://www.virustotal.com/api/v3/
+VIRUSTOTAL_API_URL_V2=https://www.virustotal.com/vtapi/v2/
+VIRUSTOTAL_API_KEY=
+VIRUSTOTAL_UPLOAD=False

.gitignore

@@ -0,0 +1,5 @@
+.env
+app/logs/*
+app/media/*
+*.sqlite3
+**/__pycache__

Dockerfile

@@ -0,0 +1,44 @@
+FROM python:3.9.0-buster@sha256:8829824d85665db842f33f6a71960b00f3e3b329f297e499e24c748e29ae19f9
+# Update and package installation
+RUN apt-get update && \
+	apt-get clean && \
+	apt-get install -y ca-certificates-java --no-install-recommends && \
+	apt-get clean
+
+RUN apt-get update && \
+	apt-get install -y openjdk-11-jdk p11-kit wkhtmltopdf && \
+	apt-get install -y  && \
+	apt-get clean && \
+	update-ca-certificates -f
+
+# Get JADX Tool
+ENV JADX_VERSION 1.1.0
+
+RUN \
+    wget "https://github.com/skylot/jadx/releases/download/v$JADX_VERSION/jadx-$JADX_VERSION.zip" && \
+    unzip "jadx-$JADX_VERSION.zip"
+
+# Create a directory in the container in /app
+RUN mkdir /app
+
+# Copy the requirements to that directory
+COPY requirements.txt /app
+
+# Use /app as the workdir
+WORKDIR /app
+
+# Install python dependencies
+RUN pip install -r requirements.txt
+
+# Copy all to /app directory
+COPY . /app/
+
+# Encoding configuration
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV PYTHONIOENCODING utf8
+
+# Run the container as 1001 user
+USER 1001
+# Expose the 8000 port
+EXPOSE 8000

README.md

@@ -0,0 +1,97 @@
+## Mobile Audit
+
+![Icon](app/static/mobile_audit.png)
+
+**MobileAudit** - SAST and Malware Analysis for Android Mobile APKs
+
+---------------------------------------
+
+
+Django Web application for performing Static Analysis and detecting malware in Android APKs
+
+### Main features
+
+- Uses Docker for easy deployment in multiplatform environment
+- Extract all information of the APK
+- Analyze all the source code searching for weaknesses
+- All findings are categorized and follows CWE standards
+- Also highlight the Best Practices in Secure Android Implementation in the APK
+- The findings can be edited and the false positives can be triaged and deleted
+- All scan results can be exported to PDF
+- User authentication and user management
+
+### Integrations
+
+- Virus Total (API v3): it checks if there has been an scan of the APK and extract all its information. Also, there is the possibility of uploading the APK is selected a property in the environment (Disabled by default).
+- Defect Dojo (API v2): it is possible to upload the findings to the defect manager.
+- MalwareDB: it checks in the database if there are URLs in the APK that are related with Malware.
+
+### Components
+
+- **db**: PostgreSQL 13
+- **nginx**: Nginx 1.18.0
+- **web**: Android Audit App
+
+![Schema](app/static/schema.png)
+
+
+### Install
+
+Using Docker-compose:
+
+The provided `docker-compose.yml` file allows you to run the app locally in development. To start the container, run:
+
+```sh
+docker-compose up
+```
+
+If there are changes to the local Application Dockerfile, you can build the image with 
+
+```sh
+docker-compose build
+```
+
+Once the application has launched, you can test the application by navigating to: http://localhost:8888/ to access the dashboard.
+
+![Dashboard](app/static/dashboard.png)
+
+In each of the scans, it would have the following information:
+
+* Application Info
+* Security Info
+* Components
+* SAST Findings
+* Best Practices Implemented
+* Virus Total Info
+* Certificate Info
+* Strings
+* Databases
+* Files
+
+For easy access there is a sidebar on the left page of the scan:
+
+![Menu](app/static/menu.png)
+
+### Configuration
+
+All the environment variables are in a `.env` file, there is an `.env.example` with all the variables needed. Also there are collected in `app/config/settings.py`:
+
+```py
+CWE_URL = env('CWE_URL', 'https://cwe.mitre.org/data/definitions/')
+
+MALWAREDB_ENABLED = env('MALWAREDB_ENABLED', True)
+MALWAREDB_URL = env('MALWAREDB_URL', 'https://www.malwaredomainlist.com/mdlcsv.php')
+
+VIRUSTOTAL_ENABLED = env('VIRUSTOTAL_ENABLED', False)
+VIRUSTOTAL_URL = env('VIRUSTOTAL_URL', 'https://www.virustotal.com/')
+VIRUSTOTAL_FILE_URL = env('VIRUSTOTAL_FILE_URL', 'https://www.virustotal.com/gui/file/')
+VIRUSTOTAL_API_URL_V3 = env('VIRUSTOTAL_API_URL_V3', 'https://www.virustotal.com/api/v3/')
+VIRUSTOTAL_URL_V2 = env('VIRUSTOTAL_API_URL_V2', 'https://www.virustotal.com/vtapi/v2/file/')
+VIRUSTOTAL_API_KEY = env('VIRUSTOTAL_API_KEY', '')
+VIRUSTOTAL_UPLOAD = env('VIRUSTOTAL_UPLOAD', False)
+
+DEFECTDOJO_ENABLED = env('DEFECTDOJO_ENABLED', False)
+DEFECTDOJO_URL = env('DEFECTDOJO_URL', 'http://defectdojo:8080/finding/')
+DEFECTDOJO_API_URL = env('DEFECTDOJO_API_URL', 'http://defectdojo:8080/api/v2/')
+DEFECTDOJO_API_KEY = env('DEFECTDOJO_API_KEY', '')
+```

app/admin.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.