Automate the bulk upload, scan and report download of APKs to a local MobSF instance
Explore the code »
dir2mob is a lightweight Python utility that streamlines static analysis with MobSF. Point it at any directory containing APKs, and it will:
- Discover all
.apkfiles in a folder - Upload each APK to your local MobSF API
- Trigger a static scan
- Download PDF reports into a
reports/subfolder
Ideal for pentesters or CI pipelines that need to batch-analyze multiple Android packages.
-
Clone the repository
git clone https://github.com/rsenet/dir2mob.git cd dir2mob -
(Optional) Create a virtual environment
python3 -m venv .venv source .venv/bin/activate -
Install requirements
pip install requests
Edit the top of dir2mob.py (or set environment variables):
MOBSF_URL = 'http://localhost:8000'
API_KEY = 'your_mobsf_api_key_here'
TIMEOUT_SECONDS = 30
MAX_RETRIES = 3- MOBSF_URL: URL of your MobSF server
- API_KEY: your MobSF API key
- TIMEOUT_SECONDS: per-request timeout
- MAX_RETRIES: retry count on failures
python3 dir2mob.py /path/to/apk_directory$ python3 dir2mob.py ../apk/
[+] Found 1 APKs to upload.
[+] Uploading ../apk/base.apk to MobSF...
[+] Starting scan for hash 04184fd43d293434b21775b3ff38b4a8...
[+] Scan triggered successfully.
[+] Scan completed for ../apk/base.apk.
[+] JSON report saved: ../apk/reports/base_report.json
[+] PDF report saved: ../apk/reports/base_report.pdf
…
$ tree ../apk/
../apk/
├── base.apk
└── reports
├── base_report.json
└── base_report.pdfAll reports will be under ./apk_samples/reports/, named <apk_basename>_report.pdf.
Contributions and feedback are welcome!
- Fork the repo
- Create your feature branch (
git checkout -b feature/my-feature) - Commit your changes (
git commit -m "feat: add new feature") - Push to the branch (
git push origin feature/my-feature) - Open a Pull Request
Régis SENET
https://github.com/rsenet
This project is licensed under the GPLv3 License.