Improved Markdown.
This commit is contained in:
parent
47c3e0bd6c
commit
cd039fe66e
12
README.md
12
README.md
|
|
@ -1,4 +1,5 @@
|
|||
# DVHMA
|
||||
|
||||
Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for
|
||||
Android) that *intentionally* contains vulnerabilities. Its purpose is
|
||||
to enable security professionals to test their tools and techniques
|
||||
|
|
@ -6,6 +7,7 @@ legally, help developers better understand the common pitfalls in
|
|||
developing hybrid mobile apps securely.
|
||||
|
||||
## Motivation and Scope
|
||||
|
||||
This app is developed to study pitfalls in developing hybrid apps,
|
||||
e.g., using [Apache Cordova](https://cordova.apache.org/) or
|
||||
[SAP Kapsel](https://blogs.sap.com/2013/10/21/an-introduction-to-smp-kapsel/),
|
||||
|
|
@ -14,8 +16,11 @@ understanding of injection vulnerabilities that exploit the JavaScript
|
|||
to Java bridge.
|
||||
|
||||
## Installation
|
||||
|
||||
### Prerequisites
|
||||
|
||||
We assume that the
|
||||
|
||||
* Android SDK (https://developer.android.com/sdk/index.html) and
|
||||
* Apache Cordova (https://cordova.apache.org/), version 8.0.0 (later
|
||||
versions might work)
|
||||
|
|
@ -24,12 +29,15 @@ Moreover, we assume a basic familiarity with the build system of
|
|||
Apache Cordova.
|
||||
|
||||
### Building DVHMA
|
||||
|
||||
#### Setting Environment Variables
|
||||
|
||||
export ANDROID_HOME=<Android SDK Installation Directory>
|
||||
export PATH=$ANDROID_HOME/tools:$PATH
|
||||
export PATH=$ANDROID_HOME/platform-tools:$PATH
|
||||
|
||||
#### Compiling DVHMA
|
||||
|
||||
cd DVHMA-Featherweight
|
||||
cordova plugin add ../plugins/DVHMA-Storage
|
||||
cordova plugin add ../plugins/DVHMA-WebIntent
|
||||
|
|
@ -37,9 +45,11 @@ Apache Cordova.
|
|||
cordova compile android
|
||||
|
||||
#### Running DVHMA in an Emulator
|
||||
|
||||
cordova run android
|
||||
|
||||
## Team Members
|
||||
|
||||
The development of this application started as part of the project
|
||||
[ZertApps](http://www.zertapps.de). ZertApps was a collaborative
|
||||
research project funded by the German Ministry for Research and
|
||||
|
|
@ -52,9 +62,11 @@ The core developers of DVHMA are:
|
|||
* [Michael Herzberg](http://www.dcs.shef.ac.uk/cgi-bin/makeperson?M.Herzberg)
|
||||
|
||||
## License
|
||||
|
||||
This project is under the Apache 2.0 License.
|
||||
|
||||
## Publications
|
||||
|
||||
* Achim D. Brucker and Michael Herzberg. [On the Static Analysis of
|
||||
Hybrid Mobile Apps: A Report on the State of Apache Cordova
|
||||
Nation.](https://www.brucker.ch/bibliography/download/2016/brucker.ea-cordova-security-2016.pdf)
|
||||
|
|
|
|||
Loading…
Reference in New Issue