For tests to properly run on our system, they should be properly configured APKs and IPAs that a developer would release into production. In many cases, we see security analysts and researchers attempt to run automated analysis on manual penetration testing apps.
In many instances, these apps will not provide measurable results when compared to manual analysis. There are several reasons for this:
While many security professionals rely on these apps to learn penetration testing techniques, these apps are unique tools purpose-built to be a learning app.
Damn Vulnerable iOS App: DVIA (iOS)
OWASP GoatDroid Project: GoatDroid (Android)
Insecure Banking App: InsecureBank & InsecureBankv2 (Android)
If you would like to learn more about apps that would run on our system or discuss a proper app to use when exploring our current features, please refer to our
Mobile Apps chapter or connect with us using our in-app chat.