MobSF Tutorial: How to Forensically Analyze an Android APK in 10 Minutes

Описание: 🧩 Learn for free on Brilliant for a full 30 days: https://brilliant.org/FreshForensics | You’ll also get 20% off an annual Premium subscription.

Ever wondered how safe the apps on your phone REALLY are? In this video, we break down how to analyze Android APKs using Mobile Security Framework - all while running it safely in a Docker container. You’ll see how MobSF provides a clear security score and an in-depth report that highlights potential risks, permissions abuse, and suspicious behaviors, helping you make smarter decisions about the apps you install.

📢 FTC Disclaimer:
This video was sponsored by Brilliant!

🌐 MobSF Official GitHub:
https://github.com/MobSF/Mobile-Secur...

🐋 Docker Installation Guide:
https://docs.docker.com/get-docker

🐞 Enable Developer Options + USB Debugging
Open Settings → About phone, tap Build number seven times, then go to Developer options and toggle USB debugging on. When you plug into your computer, tap Allow on the USB debugging prompt.

🕘 Timestamps:
00:01 – Why Choose MobSF?
01:14 – Welcome to the Fresh Forensics Lab!
01:30 – Learn for Free on Brilliant
03:00 – Setting Up MobSF: The Basics
05:00 – Installing Docker
06:20 – Managing Docker Without Root Access
08:41 – Checking Docker Installation Status
09:50 – Searching for the MobSF Docker Image
11:13 – Pulling the MobSF Docker Container
11:58 – Running the MobSF Docker Container
13:43 – Fixing the "Connection Was Reset" Issue
14:15 – Logging Into MobSF for the First Time
15:40 – Getting the Android APK
16:05 – Mirroring Your Android Phone with Scrcpy
16:30 – Enabling Developer Options on Your Phone
17:30 – Installing ADB (Android Debug Bridge)
18:00 – Connecting Your Phone Over ADB
18:45 – Downloading the Flashlight APK
19:23 – Listing All Installed 3rd Party APKs
20:00 – Finding the APK Name
20:35 – Locating the APK Path
24:40 – Uploading & Analyzing the APK
26:50 – Reviewing MobSF Logs
29:30 – Exploring the MobSF Analysis Results
30:40 – Understanding the MobSF Dashboard
31:48 – Reviewing APK Permissions
36:00 – Analyzing Server Locations in MobSF
38:20 – Identifying Hardcoded Secrets in the APK
39:12 – Exploring the MobSF App Security Scorecard
41:45 – Checking for OFAC Sanctioned Countries
43:20 – Saving MobSF Results to PDF
45:00 – Shutting Down the Docker Container
45:42 – Removing APK from Your Phone

🎶 Music Credits
🔹 Fresh Forensics - It's Everything
by Fresh Forensics

⚠️ Safety Tip: Always analyze APKs in a controlled environment. Never run unknown or untrusted apps directly on your primary device.