npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

mobsf-mcp

v1.0.0

Published

a Node.js-based Model Context Protocol implementation for MobSF

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

ilil111ilil111

Keywords

MobSFstatic analysissecurityautomationmulti-control pointMCPsecurity analysis

Readme

MobSF-MCP

Architecture based on https://github.com/GH05TCREW/mobsf-mcp

📑 Overview

MobSF MCP is a Node.js-based Model Context Protocol implementation for Mobile Security Framework (MobSF). It provides a standardized interface for integrating MobSF's security analysis capabilities into automated workflows and third-party tools.

🛠️ Prerequisites

  • Node.js (v14 or higher)
  • npm (Node Package Manager)
  • Running instance of MobSF with API access

⚙️ Installation And Usage

Clone the repository or navigate to the mobsf-mcp directory, and install dependencies:

npm install -g MobSF-MCP

Configure environment variables and start the MobSF MCP server by using the npx command:

📚 Open PowerShell as an administrator

$env:MOBSF_URL="http://localhost:8000"; 
$env:MOBSF_API_KEY="your_api_key_here"; 
npx MobSF-MCP

📂 API Reference

Available Endpoints

| Endpoint | Description | Parameters | |----------|-------------|------------| | uploadFile | Upload a mobile application file (APK, IPA, or APPX) for security analysis | file: File path to upload | | getScanLogs | Retrieve detailed scan logs for analyzed application | hash: MD5 hash of the scan | | getJsonReport | Get full JSON security analysis report | hash: MD5 hash of the scan | | getJsonReportSection | Get specific section of the report | hash: MD5 hash, section: Section name | | getJsonReportSections | List all available report sections | hash: MD5 hash of the scan | | getRecentScans | Retrieve list of recent security scans | page: Page number, pageSize: Results per page | | searchScanResult | Search scan results by various criteria | query: Search term (hash/name/package) | | deleteScan | Delete scan results | hash: MD5 hash of the scan | | getScorecard | Get application security scorecard | hash: MD5 hash of the scan | | generatePdfReport | Generate PDF security report | hash: MD5 hash of the scan | | viewSource | View source files from analysis | hash: MD5 hash, file: File path, type: File type | | getScanTasks | Get scan tasks queue (async scan queue) | None | | compareApps | Compare two scan results | hash1: First scan hash, hash2: Second scan hash | | suppressByRule | Suppress findings by rule ID | hash: MD5 hash, type: code/manifest, rule: Rule ID | | suppressByFiles | Suppress findings by files | hash: MD5 hash, type: code, rule: Rule ID | | listSuppressions | View scan suppressions | hash: MD5 hash of the scan | | deleteSuppression | Delete suppressions | hash: MD5 hash, type: code/manifest, rule: Rule ID, kind: rule/file | | listAllHashes | Get all report MD5 hash values | page: Page number, pageSize: Results per page |

JSON Report Sections

The following sections are available when using getJsonReportSection:

Basic Information

  • version: MobSF version
  • title: Report title
  • file_name: Analyzed file name
  • app_name: Application name
  • app_type: Application type
  • size: File size
  • md5, sha1, sha256: File hashes
  • package_name: Application package name

Application Components

  • main_activity: Main activity name
  • exported_activities: List of exported activities
  • browsable_activities: List of browsable activities
  • activities: All activities
  • receivers: Broadcast receivers
  • providers: Content providers
  • services: Services
  • libraries: Native libraries

Security Analysis

  • target_sdk, max_sdk, min_sdk: SDK versions
  • version_name, version_code: App version info
  • permissions: Declared permissions
  • malware_permissions: Potentially dangerous permissions
  • certificate_analysis: Certificate security analysis
  • manifest_analysis: AndroidManifest.xml analysis
  • network_security: Network security configuration
  • binary_analysis: Binary file analysis
  • code_analysis: Source code security analysis
  • niap_analysis: NIAP compliance analysis

Additional Analysis

  • permission_mapping: Permission usage mapping
  • urls, domains, emails: Extracted strings
  • firebase_urls: Firebase URL analysis
  • exported_count: Count of exported components
  • apkid: APK identifier information
  • behaviour: Application behavior analysis
  • trackers: Tracking libraries detection
  • playstore_details: Google Play Store details
  • secrets: Detected secrets/keys
  • logs: Analysis logs
  • sbom: Software Bill of Materials
  • average_cvss: Average CVSS score
  • appsec: Application security score
  • virus_total: VirusTotal scan results

🖥️ VSCode Cline Extension Configuration

To use this project with the cline extension in VSCode, add the following configuration to your cline configuration file:

{
  "mcpServers": {
    "MobSF MCP Server": {
      "disabled": false,
      "timeout": 60,
      "command": "Nodejs\\node.exe",
      "args": [
        "index.js"
      ],
      "env": {
        "MOBSF_URL": "http://localhost:8000",
        "MOBSF_API_KEY": "your_api_key_here"
      },
      "transportType": "stdio"
    }
  }
}

⚠️ Path to your Node.js executable (adjust according to your system, e.g., C:\\Program Files\\nodejs\\node.exe). Make sure to fill in your actual MOBSF_API_KEY in the configuration.

⚠️ Disclaimer and Legal Notice

This tool is designed and provided for security researchers, penetration testers, and developers for LEGAL USE ONLY. The primary purpose is to assist in:

  • Security assessment of your own applications
  • Applications you have explicit permission to test
  • Research and educational purposes

The following uses are strictly prohibited:

  • Any malicious or harmful activities
  • Unauthorized access to systems or data
  • Testing applications without proper authorization
  • Any illegal activities or violation of laws

By using this tool, you agree to:

  1. Use it only for legal and authorized purposes
  2. Take full responsibility for your actions
  3. Comply with all applicable laws and regulations
  4. Hold the developers and contributors harmless from any claims

📄 License

This project is licensed under the Apache 2.0 License - see the LICENSE file for details.

✨ Acknowledgments