iForensics App Sandbox
Mobile Application Security Testing Solution

  • Semi-automated workflow to enhance operational efficiency.
  • Utilizes physical device sandbox technology for accurate testing.
  • Performs static feature analysis, source code security analysis, and dynamic behavior analysis.
  • Web-based interface with visualized results for intuitive and streamlined reporting.
  • Displays external connection IP geolocation.
  • Integrates with malware intelligence databases to quickly identify suspicious apps.
Description
  • Provides an intuitive web interface with English/Chinese language support, allowing seamless Android app uploads and analysis.
  • Displays key app details, including MD5/SHA256 hash, SDK version, app name, file type, file size, analysis duration, and platform.
  • Supports both physical and virtual sandbox environments, offering dynamic and static analysis for smartphones, tablets, and other real devices.
  • Detects security risks and permissions, and automatically looks up VirusTotal malware scan results by app hash.
  • Organizes app inspection records into projects, allowing easy creation and deletion of analysis tasks.
  • Offers both automated and manual analysis, with real-time progress tracking.
  • Supports batch uploads, enabling multiple apps to be analyzed simultaneously.
  • Performs dynamic behavior analysis, identifying privilege escalation, data access, recording, camera usage, network connections, and dynamic code execution.
  • Captures and analyzes unencrypted network packets, displaying IP geolocation using an interactive world map.
  • Decrypts HTTPS traffic using Man-in-the-Middle techniques, revealing packet details.
  • Displays TLS versions, encryption algorithms, key lengths, and certificate issuers for HTTPS connections.
  • Identifies AES or DES encryption usage, extracting input parameters and encryption keys when available.
  • Logs SMS transmissions and call behaviors, including message content and dialed numbers.
  • Tracks file activity, listing all read, generated, and deleted files with timestamps.
  • Identifies and logs broadcast receiver events triggered during app execution.
  • Records SQL queries used for database access, with timestamps.
  • Captures app screenshots and integrates them into the final analysis report.
  • Monitors peripheral activity, including WiFi, GPS, Bluetooth, NFC, IMEI, and IMSI.
  • Supports full app decompilation, enabling in-depth reverse engineering.
  • Performs static analysis to detect privilege escalation, unauthorized data access, recording, and external connections.
  • Analyzes AES or DES encryption usage within app code.
  • Maps app permissions to decompiled functions, providing a detailed security overview.
  • Generates interactive function call relationship diagrams for deeper analysis.
  • Enables keyword-based searches across decompiled code, network packets, logs, and app file contents, with automatic highlighting.
  • Supports predefined keyword groups for quick result comparisons across different apps.
  • Exports detailed network activity, including all identified IP addresses.
  • Generates comprehensive analysis reports in HTML or PDF format, preserving all insights and keyword search results.
  • Supports full or selective report printing, offering flexibility in documentation.