Ostorlab: Mobile App Security Testing for Android and iOS

Critical attack surface of mobile applications

the Attack Surface of mobile applications.

Ostorlab Team


                  Wed 17 January 2018

Product

Ostorlab is a community effort to build a mobile application vulnerability scanner to help developers build secure mobile applications. One of the new key components of the scanner detection capabilities is a new shiny static taint engine for Android Dalvik Bytecode that was heavily optimized for performance and low false positives.

Ostorlab Team


                    Fri 16 June 2017

Product

June 2017

We are pleased to announce a set of new improvements

Ostorlab Team


                    Thu 01 June 2017

Security

New Taint Engine ... more vulnerabilities found

We have been for the last few months hard at work developing a new scan engine to identify new classes of vulnerabilities. The new scan engine is capable of identifying SQL injections, intent hijacking, insecure random seed, insecure cryptography etc.

Ostorlab Team


                    Sun 23 April 2017

Changelog

View all changes

Single Vulnerability Assessment (SVA), Dig Deeper, Scan Report PDF Design Improvement & Multilanguage Support


                  Mon 01 June 2026

Deep Agentic Scan (BYOK), New CI Integrations, Scan Filters & Performance


                  Fri 27 March 2026

AI Pentest Upgrades, ServiceNow Integration, Redesigned Email Notifications, and Enhanced Platform Controls


                  Wed 17 December 2025

Mobile Benchmarking, Monkey Tester Reliability, and Deeper Web Crawling


                  Tue 23 September 2025

18 of 19

May 2018

April 2018

February 2018

Reinforcement Learning & Automated Testing - part 1

Critical attack surface of mobile applications

January 2018

Latest posts

December 2017

November 2017

September 2017

August 2017

July 2017

Finding security bugs in Android applications the hard way

June 2017

New Taint Engine ... more vulnerabilities found

Changelog

Single Vulnerability Assessment (SVA), Dig Deeper, Scan Report PDF Design Improvement & Multilanguage Support

Deep Agentic Scan (BYOK), New CI Integrations, Scan Filters & Performance

AI Pentest Upgrades, ServiceNow Integration, Redesigned Email Notifications, and Enhanced Platform Controls

Mobile Benchmarking, Monkey Tester Reliability, and Deeper Web Crawling

May 2018

April 2018

February 2018

Reinforcement Learning & Automated Testing - part 1

Critical attack surface of mobile applications

January 2018

Latest posts

December 2017

November 2017

September 2017

August 2017

July 2017

Finding security bugs in Android applications the hard way

June 2017

New Taint Engine ... more vulnerabilities found

Changelog

Single Vulnerability Assessment (SVA), Dig Deeper, Scan Report PDF Design Improvement & Multilanguage Support

Deep Agentic Scan (BYOK), New CI Integrations, Scan Filters & Performance

AI Pentest Upgrades, ServiceNow Integration, Redesigned Email Notifications, and Enhanced Platform Controls

Mobile Benchmarking, Monkey Tester Reliability, and Deeper Web Crawling

Subscribe to the Ostorlab Newsletter