Merge from upstream #11

pavelkrcma · 2024-04-05T16:33:58Z

Merge from upstream

…xport (#2339) * Runtime Executable Tampering Detection * Add security.py * Code QA Performance * Code QA Runtime EXEC tampering detection * Corellium API QA + Domain support * REST API Docs + Datatables export

* MOBSF_CORELLIUM_API_DOMAIN Update Set the default of `MOBSF_CORELLIUM_API_DOMAIN` to `https://app.corellium.com` was it was not being picked up properly in `dynamic_analyzer.py` for iOS * Update corellium_apis.py * Update settings.py --------- Co-authored-by: Ajin Abraham <[email protected]>

* poetry pyqt5 fixes * QA * fix * Cert analysis qa * QA * pin pyqt5

…bSF (#2363) This PR strips out androguard and it's dependencies from MobSF. Extract androguard related functions used by MobSF. Some dependencies such as pyQt5 from apkinspector is breaking the ARM64 docker image. This should address that issue. In future, we will have to copy over any fixes to axml, apk, public, types from androguard and ZipEntry from apkinspector. We won't be adding linting to these files. The extracted functions will be considered as an external tool.

* Optimize rendering of big lists * Dynamic rendering in browser to improve ux Co-authored-by: Ajin Abraham <[email protected]>

fix error: if function.name.endswith('_chk'): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ TypeError: endswith first arg must be bytes or a tuple of bytes, not str Co-authored-by: Ajin Abraham <[email protected]>

…echnologies (#2373) Address: GHSA-wpff-wm84-x5cx

ajinabraham and others added 28 commits February 9, 2024 18:42

Runtime Exec Tampering Detection, iOS Dynamic REST APIs, Datatables E…

29df4f2

…xport (#2339) * Runtime Executable Tampering Detection * Add security.py * Code QA Performance * Code QA Runtime EXEC tampering detection * Corellium API QA + Domain support * REST API Docs + Datatables export

HOTFIX: Dependency bump

435274f

HOTFIX: Injected code overwrite revert

887a12c

HOTFIX: Bump deps + ELF strings check fix

e8eacc2

Add name parameter to create vm

f62f1d0

Add name support in ui

f20ee08

HOTFIX: Frida Logs API response code + Dependency bump

bfd8bc2

HOTFIX: Bump deps + expose Corellium stop app api

1e93205

Fix #2343

5c351b2

HOTFIX: target sdk bug

641f443

HOTFIX: Bump androguard + remove quark

a5338ee

HOTFIX: androguard bump

18931bc

Fix #2349

d4e6786

HOTFIX: Individual image publish

34473d3

HOTFIX:[SECURITY] Fix GHSA-wfgj-wrgh-h3r3, dep bump, docker build qa

5a8eeee

poetry pyqt5 fixes (#2362)

4417da0

* poetry pyqt5 fixes * QA * fix * Cert analysis qa * QA * pin pyqt5

Optimize rendering of big lists (#2351)

7645cee

* Optimize rendering of big lists * Dynamic rendering in browser to improve ux Co-authored-by: Ajin Abraham <[email protected]>

Fixes GHSA-m435-9v6r-v5f6

f22c584

Update SECURITY.md (#2364)

3a7d124

Update SECURITY.md (#2365)

356895c

Update SECURITY.md

482bda9

HOTFIX: Build and push docker arm64 and amd64 together

8a59d68

HOTFIX: Possible SSRF

ccfedc0

Resolve the situation where the function name is bytes (#2367)

6bce5a2

fix error: if function.name.endswith('_chk'): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ TypeError: endswith first arg must be bytes or a tuple of bytes, not str Co-authored-by: Ajin Abraham <[email protected]>

[HOTFIX][SECURITY] Fixes an SSRF vulnerability report from positive t…

43bb71d

…echnologies (#2373) Address: GHSA-wpff-wm84-x5cx

Update SECURITY.md

99977da

pavelkrcma merged commit a59ce49 into wandera:master Apr 8, 2024
7 of 8 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge from upstream #11

Merge from upstream #11

pavelkrcma commented Apr 5, 2024

Merge from upstream #11

Merge from upstream #11

Conversation

pavelkrcma commented Apr 5, 2024