
Security Reports

This section details how to retrieve detailed security analysis reports for applications analyzed through the Mobile Threat Intelligence platform.

Overview

Security reports provide comprehensive analysis of applications including:

  • Libraries & Dependencies - Third-party libraries and frameworks used
  • Trackers - Analytics and tracking libraries embedded
  • Data Access - Sensitive data accessed by the application
  • Data Leaks - Potential exfiltration of sensitive information
  • Permissions - Requested system permissions
  • Components - Application components (activities, services, receivers)
  • Vulnerabilities - Security risks and misconfigurations
  • Features - Suspicious behaviors detected
  • Communications - Network endpoints contacted
  • Filesystem Operations - File system access patterns

WARNING

Code location information will be removed from this report and will be accessible once the commercial offer "Detailed catalog audit" is in place. Do not rely on the "matches" and "flow" properties.

Retrieve Application Report

API Endpoint

bash
GET /v2/applications-catalog/application-report

Request

With version:

bash
curl "https://api.pradeo-security.com/v2/applications-catalog/application-report?package=my.package&system=Android&version=x.y.z" \
  -H 'accept: application/json' \
  -H "x-access-key: YOUR_ACCESS_KEY" \
  -H "x-secret-key: YOUR_SECRET_KEY"

Without version (matches the latest available report):

bash
curl "https://api.pradeo-security.com/v2/applications-catalog/application-report?package=my.package&system=iOS" \
  -H 'accept: application/json' \
  -H "x-access-key: YOUR_ACCESS_KEY" \
  -H "x-secret-key: YOUR_SECRET_KEY"

On iOS, package is the bundleId.

Handling Analysis Errors

If no report is available, this endpoint returns a 404. In that case, submit the application using Application Submission.

This method tries to return the nearest report for the package/system/version provided. You can check the following HTTP headers:

  • X-PERFECT-MATCH: true if the exact version was found
  • X-PENDING-ANALYSIS: true if more report content will arrive
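
The status and header handling described above, as an added Python example that is not part of the vendor's documentation. It assumes the two headers carry the literal string "true", that a missing header counts as false, and that any status other than 200 or 404 is a generic error; the function names are hypothetical.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

BASE = "https://api.pradeo-security.com/v2/applications-catalog/application-report"

def report_url(package, system, version=None):
    """Build the query; omitting version asks for the latest available report."""
    params = {"package": package, "system": system}
    if version:
        params["version"] = version
    return BASE + "?" + urllib.parse.urlencode(params)

def classify(status, headers):
    """Map the HTTP status and the two documented headers to a next action."""
    if status == 404:
        return "submit"         # no report: go through Application Submission
    if status != 200:
        return "error"          # assumption: anything else is a generic failure
    # Header names are case-insensitive; normalise before comparing.
    h = {k.lower(): str(v).strip().lower() for k, v in headers.items()}
    if h.get("x-pending-analysis") == "true":
        return "retry-later"    # report is incomplete, more content will arrive
    if h.get("x-perfect-match") == "true":
        return "exact"
    return "nearest"            # report describes a different version

def fetch_report(package, system, access_key, secret_key, version=None):
    """Return (action, report or None). Performs a real network call."""
    req = urllib.request.Request(report_url(package, system, version), headers={
        "accept": "application/json",
        "x-access-key": access_key,
        "x-secret-key": secret_key,
    })
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return classify(resp.status, resp.headers), json.load(resp)
    except urllib.error.HTTPError as err:
        return classify(err.code, err.headers), None
```

When the action is "nearest", compare `metadata.version` in the returned report with the version you asked for before using the findings in a decision about a specific release.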

Response Format

The report contains the following sections:

json
{
  "libraries": [...],
  "trackers": [...],
  "frameworks": [...],
  "accesses": [...],
  "leaks": [...],
  "permissions": [...],
  "components": [...],
  "vulnerabilities": [...],
  "features": [...],
  "communications": [...],
  "filesystem": {...},
  "database": [...],
  "commands": [...],
  "metadata": {...},
  "errorCode": "NoError",
  "errorMessage": ""
}

Report Sections

Libraries

List of detected libraries and dependencies:

json
{
  "libraries": [
    {
      "name": "Google Drive",
      "package": "Lcom/google/android/gms/"
    },
    {
      "name": "Google Firebase",
      "package": "Lcom/google/firebase/"
    }
  ]
}

Trackers

Analytics and tracking services:

json
{
  "trackers": [
    {
      "name": "Google Analytics",
      "website": "https://analytics.google.com",
      "category": ["Analytics"],
      "documentation": []
    }
  ]
}

Data Access

Sensitive data accessed by the application:

json
{
  "accesses": [
    {
      "type": "Device",
      "matches": [...]
    },
    {
      "type": "Location",
      "matches": [...]
    },
    {
      "type": "Contacts",
      "matches": [...]
    }
  ]
}

Data Leaks

Potential exfiltration of sensitive information:

json
{
  "leaks": [
    {
      "data": {
        "type": "Device",
        "matches": []
      },
      "sink": {
        "type": "Communication"
      },
      "flow": {...}
    }
  ]
}

Permissions

System permissions requested by the application:

json
{
  "permissions": [
    {
      "permission": {
        "name": "android.permission.ACCESS_FINE_LOCATION",
        "system": "Android"
      },
      "manifest": true,
      "runtime": {...}
    }
  ]
}

Components

Application components (activities, services, receivers, providers):

json
{
  "components": [
    {
      "name": "com.example.MainActivity",
      "kind": "Activity",
      "exported": true,
      "intentFilter": ["android.intent.action.MAIN"]
    }
  ]
}

Vulnerabilities

Security risks and misconfigurations:

json
{
  "vulnerabilities": [
    {
      "type": "Potential Hard-Coded Secret",
      "vulnerabilities": [
        {
          "vulnerability": {
            "name": "Potential Hard-Coded Secret",
            "impact": "MEDIUM"
          },
          "location": {...},
          "vulnerableValue": "secret-key-123"
        }
      ]
    }
  ]
}

Vulnerability Types:

  • Hard-coded secrets
  • Weak cryptography
  • Exported components
  • SQL injection risks
  • Insecure storage
  • Weak random generators

Features

Suspicious behaviors detected:

json
{
  "features": [
    {
      "name": "Reflection",
      "matches": [...]
    },
    {
      "name": "DynamicCodeLoading",
      "matches": [...]
    }
  ]
}

Feature Types:

  • Reflection usage
  • Dynamic code loading
  • Native code execution
  • Obfuscation
  • Root/jailbreak detection

Communications

Network endpoints contacted by the application:

json
{
  "communications": [
    {
      "method": "GET",
      "scheme": "https",
      "host": "api.example.com",
      "port": "443",
      "path": "/v1/users",
      "query": {}
    }
  ]
}

Filesystem Operations

File system access patterns:

json
{
  "filesystem": {
    "read": [...],
    "write": [...],
    "delete": [...],
    "create": [...]
  }
}

Metadata

Application metadata:

json
{
  "metadata": {
    "name": "Example App",
    "packageName": "com.example.app",
    "version": "1.0.0",
    "versionCode": 1,
    "sha1": "hash...",
    "sha256": "hash...",
    "md5": "hash..."
  }
}

Best Practices

  • Cache Results - Store reports locally to minimize API calls
  • Version Tracking - Compare reports across versions to track improvements
  • Risk Assessment - Use vulnerabilities and permissions for risk scoring
  • Regular Updates - Check for updated reports periodically
  • Automated Processing - Parse JSON reports programmatically
  • Performance - Use specific endpoints for needed sections
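
The version-tracking and risk-assessment practices above, as an added Python example that is not part of the vendor's documentation. It diffs two reports using only the field names shown on this page, ignores "matches", "flow" and "location" as the warning advises, and drops "vulnerableValue" so a detected secret is not copied into the output; the sample reports and function names are constructed for illustration.

```python
# Constructed sample reports using the field names documented on this page.
OLD = {"permissions": [{"permission": {"name": "android.permission.INTERNET"}}],
       "components": [{"name": "com.example.MainActivity", "exported": True}],
       "communications": [{"scheme": "https", "host": "api.example.com", "port": "443"}],
       "vulnerabilities": []}
NEW = {"permissions": [{"permission": {"name": "android.permission.INTERNET"}},
                       {"permission": {"name": "android.permission.ACCESS_FINE_LOCATION"}}],
       "components": [{"name": "com.example.MainActivity", "exported": True},
                      {"name": "com.example.SyncService", "exported": True}],
       "communications": [{"scheme": "https", "host": "api.example.com", "port": "443"},
                          {"scheme": "http", "host": "cdn.example.com", "port": "80"}],
       "vulnerabilities": [{"type": "Potential Hard-Coded Secret", "vulnerabilities": [
           {"vulnerability": {"name": "Potential Hard-Coded Secret", "impact": "MEDIUM"},
            "vulnerableValue": "secret-key-123"}]}]}

def permissions(report):
    return {p["permission"]["name"] for p in report.get("permissions", [])}

def exported(report):
    return {c["name"] for c in report.get("components", []) if c.get("exported")}

def endpoints(report):
    return {f'{c["scheme"]}://{c["host"]}:{c["port"]}'
            for c in report.get("communications", [])}

def findings(report):
    # Keep (name, impact) only: "location" is being withdrawn, and
    # "vulnerableValue" may be a live secret that must not reach tickets or logs.
    return {(v["vulnerability"]["name"], v["vulnerability"]["impact"])
            for group in report.get("vulnerabilities", [])
            for v in group.get("vulnerabilities", [])}

def diff_reports(old, new):
    """Return what appears in `new` but not in `old`, section by section."""
    added = {name: sorted(fn(new) - fn(old)) for name, fn in (
        ("permissions", permissions), ("exported_components", exported),
        ("endpoints", endpoints), ("findings", findings))}
    added["cleartext_endpoints"] = [e for e in added["endpoints"]
                                    if e.startswith("http://")]
    return added

if __name__ == "__main__":
    for section, items in diff_reports(OLD, NEW).items():
        print(section, items)
```

If full reports are cached locally, treat the cache as sensitive, since "vulnerableValue" entries can contain real credentials.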

Next Steps