Device Security Detect #198
Comments
|
Hi @Sig-Bianco, Maybe you could check out freeRASP (https://github.com/talsec/Free-RASP-Capacitor). We recently added support for Capacitor and based on your description it does exactly what you are looking for. The plugin provides robust device security detection features to help enhance the security of any Capacitor-based application. You can find out more about freeRASP along with the integration manual in the GitHub repo I linked before. Cheers, Tomas from Talsec |
|
Still failed in the pentest even after being used ionic capacitor @tompsota |
|
Any other capacitor plugins to mitigate root detection and ssl bypassing ? @tompsota |
|
@vaasuvan I am curious which tests it failed? |
|
Hi Oliver,
I used this plugin for ionic capacitors project but not resolved yet please
🙏 tell me what are hooks methods used for rooted devices and jailbreak
devices.
Still failing when i test after implementation. Please
Thank you
Best regards
Wasu
…On Wed, 11 Sep 2024 at 10:01 AM, Oliver Yasuna ***@***.***> wrote:
@vaasuvan <https://github.com/vaasuvan> I am curious which tests it
failed?
—
Reply to this email directly, view it on GitHub
<#198 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ANVOBIEKNZCMAEBGCR4AGATZV6QBFAVCNFSM6AAAAABN4XOBGKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGNBSGQ3DMNRRGM>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
This plugin should be implemented and available soon - see https://github.com/capacitor-community/device-security-detect. Stay tuned :) |
|
Hey @vaasuvan, yeah it's not surprising that with freeRASP you failed pentest. That's what I'd expect too. Due to the technical aspects of plugins, usually it is not too complicated to just strip off some calls between the SDK and the app. |
|
The initial |
|
I think that this issue can be closed, unless there are any objections. thank you |
|
The request has been completed and implemented in the following plugin: @capacitor-community/device-security-detect |
Thanks. I was actually asking what tests you and your company run? |
Plugin Request
Name: Device Security Detect
Package:
@capacitor-community/device-security-detectPlatform(s)
Android, iOS
Existing Solutions
https://github.com/WuglyakBolgoink/cordova-plugin-iroot
Description
The Device Security Detect plugin is designed to provide comprehensive device security detection capabilities for Capacitor-based applications. It aims to detect whether the application is running on an emulator as well as whether the device has been rooted (Android) or jailbroken (iOS). By using this plugin, developers can enhance the security of their applications and take appropriate actions based on the detected security status.
The main features of the Device Security Detect plugin include:
Emulator Detection: The plugin utilizes various techniques to identify if the application is running on an emulator or a physical device. This can be useful for preventing unauthorized usage of the application on emulator environments.
Root/Jailbreak Detection: The plugin checks for signs of root access on Android devices and jailbreak status on iOS devices. By detecting such modifications, developers can take measures to protect their applications from potential security risks associated with rooted or jailbroken devices.
The text was updated successfully, but these errors were encountered: