Mobile Audit tries to find vulnerabilities in the first steps of the development lifecycle, so it focuses alone in static analysis and it does not require the applications to have a runtime environment.

This tool focus in three main parts: Static Analysis, Malware Analysis and Best Practices of Secure Android Coding.

It will perform a full decompilation of the APK and extract all the possible information of it.

It reports the different vulnerabilities and findings in the source code grouped by different categories.

Also, it has full support on finding triage (change status and criticality)

It finds dangerous permissions and suspicious code.

Tells the developers in which parts of the code they are coding securely and where they are not.

It checks if there has been an scan of the APK and extract all its information. Also, there is the possibility of uploading the APK is selected a property in the environment.

Once the analysis it is performed, there will appear all the information of the different detections:

It is possible to upload the findings to the defect manager

It checks in the database if there are URLs in the APK that are related with Malware.