___ ___ ___ _____
|_ || \/ |/ ___|
| || . . |\ `--.
| || |\/| | `--. \
/\__/ /| | | |/\__/ /
\____/ \_| |_/\____/
___ ___ _ _ _ ______ _
| \/ | | | (_)| | | _ \ | |
| . . | ___ | |__ _ | | ___ | | | | ___ ___ | | __ ___ _ __
| |\/| | / _ \ | '_ \ | || | / _ \ | | | |/ _ \ / __|| |/ // _ \| '__|
| | | || (_) || |_) || || || __/ | |/ /| (_) || (__ | <| __/| |
\_| |_/ \___/ |_.__/ |_||_| \___| |___/ \___/ \___||_|\_\\___||_|
This Docker aims to help to the Mobile Cybersecurity Community to have several Android and iOS Tools pre-configured.
This docker was tested for Ubuntu 22.04 and using the MASTG TOOLS as reference. Covering the Generic, Android, iOS and Network tools in case it applies.
The full list implemented is covered in the following documment Docker MASWE List Android & iOS
This toolkit gathers penetration testing and research utilities. Use it only on systems where you have explicit permission and comply with all applicable laws. The maintainers do not endorse or take responsibility for malicious or unauthorized activity carried out with this image.
Docker Desktop is required to run this project locally. Please install Docker Desktop for your operating system before continuing.
macOS — Install Docker Desktop for Mac.
Ubuntu — Install Docker Engine on Ubuntu
Linux (All distros) — Install Docker Desktop for Linux
Windows — Install Docker Desktop for Windows
In Windows Docker Desktop uses the WSL 2 backend on modern Windows; please make sure WSL 2 is enabled and configured before installing.
- Download the git project.
- Build the docker container.
sudo docker build -t just-mobile-security-mobile-docker .
- Run the container
docker run -it --rm -v $(pwd):/workspace just-mobile-security-mobile-docker
After that you only need to use the docker image as the following example.
$ jadx
Due to various OS‑ and architecture‑specific limitations around exposing USB ports inside Docker containers, we’re sharing this workaround to use ADB, SSH, and Frida over Wi‑Fi from within the container.
Below are the steps to connect your Android and iOS devices over Wi‑Fi from inside the Docker container using ADB, SSH, and Frida.
Prerequisite: On your host machine (outside the container), enable wireless debugging on the device:
adb tcpip 5555 adb connect <DEVICE_IP>:5555This puts the device into TCP mode on port 5555.
Then, inside the container:
adb connect <DEVICE_IP>:5555
adb devices
Push and start the Frida server on the device:
adb shell "su -c 'nohup /data/local/tmp/frida-server 0.0.0.0:27042 >/dev/null 2>&1 &'"
From inside the container, list processes via Frida:
frida-ps -H <DEVICE_IP>:27042
Prerequisite: Frida installed on your iPhone (e.g. via Sileo) so that frida-server auto-starts.
From inside the container, establish an SSH tunnel:
ssh -o ExitOnForwardFailure=yes -fNT -L 27042:127.0.0.1:27042 root@<IPHONE_IP>
Verify the tunnel and list processes remotely:
frida-ps -H 127.0.0.1:27042
To close the tunnel when you’re done:
pkill -9 -f 'ssh.*27042'
Some additional tools were added to this docker image as Nuclei, disarm and more! These aren't within the OWASP Project (https://mas.owasp.org/MASTG/tools) if you want to add any additional tool, please create a PR for this repo with the tool and the instructions.