# MobSF

## Introduction
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis, and security assessment framework capable of performing static and dynamic analysis.

## Table of Contents

1. [Introduction](#introduction)
2. [Prerequisites](#prerequisites)
3. [Installation](#installation)
4. [Usage](#usage)
5. [Post-launch](#post-launch)

## Prerequisites

- **Docker**: Make sure Docker is installed and running on your system.
- **Docker Compose**: Docker Compose is required to orchestrate the container setup.
- **Traefik Deployment**:
    - Deployed [Traefik standalone](https://git.van-hemmen.com/GuillaumeHemmen-DockerCompose-Infra/traefik-standalone) or
    - Deployed [Traefik Authelia](https://git.van-hemmen.com/GuillaumeHemmen-DockerCompose-Infra/traefik-authelia).

## Installation

1. Clone the repository:

```bash
git clone https://git.van-hemmen.com/GuillaumeHemmen-DockerCompose-Infra/mobsf.git
cd mobsf
```

2. Copy the environment variable template:

```bash
cp .env.dist .env
```

3. Customize the `.env` file as necessary for your environment.

## Usage

Start the MobSF service with Docker Compose:

```bash
docker compose up -d
```

Access MobSF by navigating to `https://<MOBSF_FQDN>` in your web browser. You will need to authenticate using the basic auth setup in your `.env` file.

**NOTE**: by default, super admin username/password is: mobsf/mobsf

## Post-launch

MobSF uses a fixed UID for the files persisted. To have the volume approach work, you must change the ownership of the data inside the volume as follows:

```bash
docker run --rm -v mobsf_data:/vol alpine sh -c "chown --recursive 9901:9901 /vol"
```

**Note**: The default volume name is assumed to be `mobsf_data`. Please adapt your command if it is different.