# MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis, and security assessment framework capable of performing static and dynamic analysis.

### Usage of MobSF in Delivery Shield <a href="#usage-of-custom-policy-source-in-delivery-shield" id="usage-of-custom-policy-source-in-delivery-shield"></a>

* MobSF is now integrated with SSD, enabling static and dynamic security scans for mobile applications. This includes penetration testing, malware analysis, and privacy assessments.

### To Manage MobSF: <a href="#to-manage-custom-policy-source" id="to-manage-custom-policy-source"></a>

1. Navigate to **Setup** > **Integrations**.
2. In the **Others** panel, click **MobSF**.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FQEOtY5BU4FWw7nlr3xhK%2Fmobsf%201.png?alt=media&#x26;token=0f445102-c2df-48b1-be6a-1222325e23d0" alt=""><figcaption></figcaption></figure>

3. The MobSF integration page is displayed. Click **+New Account**.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FqyOt8ptFjYc2cyjwKYL7%2Fmobsf%202.png?alt=media&#x26;token=e48e2545-01a7-40cf-9dec-8db8be101208" alt=""><figcaption></figcaption></figure>

4. In the popup that appears, enter the following details:
5. Enter the **Account Name**.&#x20;
6. Enable the **Static Scan** and **Dynamic Scan** as required.&#x20;
7. Select the **Teams** and the corresponding **Environments** from the dropdown for which you want the integration to be available. The integration will be available for the selected teams and environment only.

   You can select up to 5 teams for the integration to be displayed.

   * A sample is given below for reference:

   * In the example above,
     * if **Team 1**, **Team 2**, and **Team 3** are selected, only applications associated with these teams can access the integration. Any applications belonging to other teams, such as **Team 4**, will not have access to this account.
     * Even if the user who created this account is also an admin for **Team 4**, the integration account remains restricted and is not available for **Team 4**.
     * Access to the account is strictly limited to the specified **Teams** and **Environments** selected during account creation.

   * **For Organization Admins:**
     * When an **Organization Admin** creates an account without selecting specific **Teams** and **Environments**, the account will be universally applicable, granting access to **all teams** and **all environments** by default.

   * **For Team Admins with Multiple Teams:**
     * If a **Team Admin** who manages multiple teams creates an account without specifying particular **Teams** and **Environments**, the account will only be accessible to the teams for which the logged-in user holds admin privileges.
8. Click **Save**. The tool is connected.