mobsf-testing-sample-app/securitytest.js

import React from 'react';
import { Text, View } from 'react-native';

const SecurityTest = () => {
  // VULNERABILITY: Hardcoded sensitive AWS Key
  const AWS_SECRET = "AKIAIMNO7YBXQDWS7BAR"; 
  
  const loginUser = (username, password) => {
    // VULNERABILITY: Logging sensitive information to console
    console.log("Attempting login for: " + username + " with password: " + password);
  };

  return (
    <View>
      <Text>MobSF Test File</Text>
    </View>
  );
};

export default SecurityTest;
// mobsf_test.js
// VULNERABILITY: Hardcoded Google API Key (Regex match)
const google_key = "AIzaSyA1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6";

// VULNERABILITY: Hardcoded AWS Secret (Entropy match)
const aws_secret = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";

// VULNERABILITY: Insecure Connection
const api_url = "http://insecure-api.com/v1/login";

console.log("Keys loaded successfully");
Add securitytest.js 2026-02-18 18:55:32 +00:00			`import React from 'react';`
			`import { Text, View } from 'react-native';`

			`const SecurityTest = () => {`
			`// VULNERABILITY: Hardcoded sensitive AWS Key`
			`const AWS_SECRET = "AKIAIMNO7YBXQDWS7BAR";`

			`const loginUser = (username, password) => {`
			`// VULNERABILITY: Logging sensitive information to console`
			`console.log("Attempting login for: " + username + " with password: " + password);`
			`};`

			`return (`
			`<View>`
			`<Text>MobSF Test File</Text>`
			`</View>`
			`);`
			`};`

Update securitytest.js 2026-02-18 18:58:10 +00:00			`export default SecurityTest;`
			`// mobsf_test.js`
			`// VULNERABILITY: Hardcoded Google API Key (Regex match)`
			`const google_key = "AIzaSyA1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6";`

			`// VULNERABILITY: Hardcoded AWS Secret (Entropy match)`
			`const aws_secret = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";`

			`// VULNERABILITY: Insecure Connection`
			`const api_url = "http://insecure-api.com/v1/login";`

			`console.log("Keys loaded successfully");`