Friday, 2 August 2013

What is HackApp?

HackApp is a web-based service for static security analysis of mobile apps. It identifies critical and suspicious information in a bundle, such as:
  • Certificates and keys,
  • Authentication secrets,
  • License control,
  • Compilation flaws.
What HackApp is not:
  • A tool for software piracy,
  • An antivirus system.
The main goal is to find information disclosure that can be used in attacks against an app's users or the vendor's infrastructure.
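To make the finding categories above concrete, here is an added example (not HackApp's code) of a minimal static scan over an .ipa archive. The file extensions, regular expressions, the choice of PIE as the compilation check, and the sample bundle are all assumptions made for illustration.

```python
import io
import re
import struct
import zipfile

# All rules below are illustrative assumptions, not HackApp's actual checks.
KEY_EXTENSIONS = (".p12", ".pfx", ".pem", ".key", ".cer", ".der", ".mobileprovision")
CONTENT_RULES = {
    "private-key": re.compile(rb"-----BEGIN (?:RSA |EC |DSA |ENCRYPTED )?PRIVATE KEY-----"),
    "certificate": re.compile(rb"-----BEGIN CERTIFICATE-----"),
    "auth-secret": re.compile(
        rb"(?i)(?:api[_-]?key|secret|passw(?:or)?d|token)[\"']?\s*[:=]\s*[\"'][^\"'\s]{8,}"),
}
MH_MAGIC_64, MH_EXECUTE, MH_PIE = 0xFEEDFACF, 0x2, 0x200000  # from <mach-o/loader.h>
MAX_ENTRY_SIZE = 64 * 1024 * 1024  # skip oversized entries instead of inflating them


def scan_ipa(ipa_bytes):
    """Return sorted (path, finding) pairs for an .ipa archive held in memory."""
    findings = set()
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as bundle:
        for info in bundle.infolist():
            if info.is_dir() or info.file_size > MAX_ENTRY_SIZE:
                continue
            if info.filename.lower().endswith(KEY_EXTENSIONS):
                findings.add((info.filename, "key-or-cert-file"))
            data = bundle.read(info)
            for label, rule in CONTENT_RULES.items():
                if rule.search(data):
                    findings.add((info.filename, label))
            # Compilation check: a 64-bit main executable linked without PIE.
            if len(data) >= 32:
                magic, _, _, filetype, _, _, flags, _ = struct.unpack_from("<8I", data)
                if magic == MH_MAGIC_64 and filetype == MH_EXECUTE and not flags & MH_PIE:
                    findings.add((info.filename, "no-pie"))
    return sorted(findings)


def build_sample_ipa():
    """Constructed sample bundle; every file and value in it is made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Demo.app/Info.plist", "<plist><dict/></plist>")
        z.writestr("Payload/Demo.app/config.json", '{"api_key": "EXAMPLE-0123456789"}')
        z.writestr("Payload/Demo.app/push.pem",
                   "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n")
        z.writestr("Payload/Demo.app/Demo",
                   struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, MH_EXECUTE, 0, 0, 0, 0))
    return buf.getvalue()
```

Calling `scan_ipa(build_sample_ipa())` flags the embedded key file, the hard-coded API key and the non-PIE executable, while the plain `Info.plist` produces no finding.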

How to use it?
First, sign in using your Twitter or LinkedIn account:



Then you will see the dashboard, the home page for logged-in users:


- Here you can add apps by clicking the "Add app" button. To get an app directly from iTunes, use the link to the app's page, such as https://itunes.apple.com/cn/app/betaround/id553850953 (only free apps are supported). Alternatively, upload an *.ipa bundle.
- Then click 'Analyse'.
- HackApp will download and analyse your app. This usually takes about 2-3 minutes.
- When the app's status changes to 'Completed', you can open the report by clicking the app's name:
Here you can see basic app info (version, DRM, etc.), browse the bundle as a directory and get info about bugs:



That's all you need to know to get started. If you find any bugs in our system, you can always report them on our Twitter: @hackappcom

11 comments:

  1. Internal Server Error

    The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.

    while trying to analyse a locally stored APK file

    1. Hi, thanks for the report, HackApp supports only iOS apps.
      When Android app support is implemented, we will announce it on Twitter. Follow us :)

  2. I have an app which the service cannot analyze :/ Just "Analysing" all the time.
    Can you tell me an email address to send a link to this app?

    1. scan id: db57ad2cc0eb92ddccc8a98a6ee98c78

    2. Thanks for the report. I've got problems with encoding. I can't say for sure when we will be able to check this application, but I have just implemented a workaround, which handles such exceptions and allows work to continue with other apps.

  3. The most interesting apps don't get analysed ;)

  4. Hi guys, I'm brand new to this forum and I would like some help on building a gaming PC in the $550-$600 range. I'm going to run it on a Linux OS like Ubuntu or something. candy crush it level 59

  5. Your blog is very useful for me. I really like your post. Thanks for sharing.
