alaeddine001's comments

We have published a new study reviewing the Security Landscape of Mobile Banking Applications in North America. The study is conducted on over 400 Android and iOS applications analyzing their release cycles, features, capabilities, and tech stacks. The study also performed a deep dive reviewing the mobile applications' security and privacy posture.

Here are some key insights from the study:

* Over 30% of the applications were released post-2021
* 67% of applications were updated in the last 3 months, and over 10% have not been updated in over 2 years.
* 85% of applications include at least one vulnerable component
* 55% of the applications have at least one high or critical severity vulnerability
* 100% of the applications used encrypted communication but 20% still initiated some communication over clear text.
* Over 20% of the applications suffered from the Biometric authentication bypass and 10% suffered from Authentication OAuth account takeover

For more details, you can check the analysis and results of the study here: https://blog.ostorlab.co/security-mobile-banking-app-landsca...


Indeed the README page assumes familiarity with the scanner.

Updated the readme with the basic commands and referenced another tutorial with in-depth info: https://docs.ostorlab.co/tutorials/run-your-first-scan.html


There is, see the section "Targetting all subdomains".

You can do so by adding your domain name generation tool of your choice, or all. The ones supported for now are `subfinder` and `amass`.

Agent Subfinder: https://github.com/Ostorlab/agent_subfinder
Agent Amass: https://github.com/Ostorlab/agent_amass


That's interesting. But it's under a separate subhead and takes additional config and different syntax (though the same subcommand name, which is awkward).

I think the confusion still remains. Scanning "domain-name www.example.com" will not scan a domain. (And www.example.com is not a domain name, but maybe I'm being prescriptivist here? Have we colloquially abandoned the distinction between hosts and domains? Even if so, I'd argue that a network tool should not use the colloquial sense, but I can go check for kids on my lawn if that would be more fruitful...)

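As an added example that is not part of this thread and not Ostorlab's or oxo's code, here is how a scanner front end could detect the host-versus-domain mismatch discussed above: it works out the registrable (apex) domain of whatever the user typed, warns when the target is a single host rather than the apex, and only admits enumerated names that sit strictly under that apex. The public-suffix table and the enumerated hostnames are constructed stand-ins; a real tool would consult the full Public Suffix List.

```python
"""Tell a single host apart from a registrable (apex) domain before scanning.

Added example; not Ostorlab's or oxo's code. Uses a small constructed
public-suffix table so it runs offline.
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Constructed subset of public suffixes (the real list has thousands).
PUBLIC_SUFFIXES = {"com", "net", "org", "uk", "co.uk", "ac.uk"}


@dataclass(frozen=True)
class Target:
    name: str         # normalized input, e.g. "www.example.com"
    registrable: str  # apex domain it belongs to, e.g. "example.com"
    is_apex: bool     # True when the input is the apex itself


def normalize(name: str) -> str:
    """Lower-case, strip a trailing dot, reject empty labels."""
    name = name.strip().lower().rstrip(".")
    if not name or any(label == "" for label in name.split(".")):
        raise ValueError(f"malformed name: {name!r}")
    return name


def registrable_domain(name: str) -> str:
    """Return the registrable domain: longest public suffix plus one label."""
    labels = name.split(".")
    # Try the longest candidate suffix first so "co.uk" wins over "uk".
    for n in range(len(labels), 0, -1):
        suffix = ".".join(labels[-n:])
        if suffix in PUBLIC_SUFFIXES:
            if n == len(labels):
                raise ValueError(f"{name} is a public suffix, not a domain")
            return ".".join(labels[-(n + 1):])
    if len(labels) < 2:
        raise ValueError(f"{name} has no registrable domain")
    # Unknown suffix: fall back to the last two labels.
    return ".".join(labels[-2:])


def classify(raw: str) -> Target:
    name = normalize(raw)
    apex = registrable_domain(name)
    return Target(name=name, registrable=apex, is_apex=(name == apex))


def in_scope(host: str, apex: str) -> bool:
    """True only for the apex itself or names strictly under it.

    The leading dot in the suffix check keeps look-alikes such as
    "evil-example.com" and "example.com.attacker.net" out of scope.
    """
    h, a = normalize(host), normalize(apex)
    return h == a or h.endswith("." + a)


def plan_scan(raw_target: str,
              enumerated: Iterable[str]) -> Tuple[Optional[str], List[str]]:
    """Decide what a "domain-name" scan should actually cover.

    Returns (warning, hosts). A host target yields a warning and just that
    host; an apex target yields every enumerated name under it.
    """
    target = classify(raw_target)
    if not target.is_apex:
        warning = (f"{target.name} is a host under {target.registrable}; "
                   f"to scan the whole domain, target {target.registrable}")
        return warning, [target.name]
    hosts = {normalize(h) for h in enumerated if in_scope(h, target.registrable)}
    return None, sorted(hosts)


if __name__ == "__main__":
    # Constructed stand-in for subfinder/amass output.
    found = ["api.example.com", "mail.example.com", "example.com",
             "evil-example.com", "example.com.attacker.net"]
    for raw in ("www.example.com", "example.com"):
        warning, hosts = plan_scan(raw, found)
        print(raw, "->", warning or "apex", hosts)
```

Run as a script it prints a warning for `www.example.com` and the three in-scope names for `example.com`; the suffix check with a leading dot is what keeps `evil-example.com` and `example.com.attacker.net` out even though both contain the apex as a substring.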

You are right, worth fixing.


Good catch, we should indeed make that explicit.


We did test it on Bug Bounty targets (see article) and found 2.5% of programs to suffer from at least one of these issues.



Yes, everything added is open-sourced:
Metasploit: https://github.com/Ostorlab/agent_metasploit
Nuclei: https://github.com/Ostorlab/agent_nuclei
OpenVas (not used though due to many issues): https://github.com/Ostorlab/agent_openvas
Asteroid: https://github.com/Ostorlab/agent_asteroid

