Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

CITATION 2.5KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455
  1. To cite the use of this application, please use
  2. Achim D. Brucker and Michael Herzberg. On the Static Analysis of
  3. Hybrid Mobile Apps: A Report on the State of Apache Cordova
  4. Nation. In International Symposium on Engineering Secure Software
  5. and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages
  6. 72-88, Springer-Verlag, 2016. doi: :10.1007/978-3-319-30806-7_5
  7. A BibTeX entry for LaTeX users is
  8. @InCollection{ brucker.ea:cordova-security:2016,
  9. author = {Achim D. Brucker and Michael Herzberg},
  10. booktitle = {International Symposium on Engineering Secure Software and
  11. Systems (ESSoS)},
  12. language = {USenglish},
  13. editor = {Juan Caballero and Eric Bodden},
  14. publisher = {Springer-Verlag},
  15. pages = {72--88},
  16. talk = {talk:brucker.ea:cordova-security:2016},
  17. address = {Heidelberg},
  18. series = {Lecture Notes in Computer Science},
  19. number = {9639},
  20. title = {On the Static Analysis of Hybrid Mobile Apps: A Report on
  21. the State of Apache Cordova Nation},
  22. year = {2016},
  23. isbn = {978-3-642-11746-6},
  24. classification= {conference},
  25. areas = {security, software},
  26. public = {yes},
  27. doi = {10.1007/978-3-319-30806-7_5},
  28. pdf = {https://www.brucker.ch/bibliography/download/2016/brucker.ea-cordova-security-2016.pdf},
  29. abstract = {Developing mobile applications is a challenging business:
  30. developers need to support multiple platforms and, at the
  31. same time, need to cope with limited resources, as the
  32. revenue generated by an average app is rather small. This
  33. results in an increasing use of cross-platform development
  34. frameworks that allow developing an app once and offering
  35. it on multiple mobile platforms such as Android, iOS, or
  36. Windows.
  37. Apache Cordova is a popular framework for developing
  38. multi-platform apps. Cordova combines HTML5 and JavaScript
  39. with native application code. Combining web and native
  40. technologies creates new security challenges as, e.g., an
  41. XSS attacker becomes more powerful.
  42. In this paper, we present a novel approach for statically
  43. analysing the foreign language calls. We evaluate our
  44. approach by analysing the top Cordova apps from Google
  45. Play. Moreover, we report on the current state of the
  46. overall quality and security of Cordova apps. },
  47. keywords = {static program analysis, static application security
  48. testing, Android, Cordova, hybrid mobile apps},
  49. url = {https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016}
  50. }