rule overlap between MobSF and mobsfscan
Purpose
Providing proof and data to support deprecating MobSF in a correct way.
- MobSF rules are regex without tests --- meaning we need to translate every rule into semgrep, and add a lot of test from scratch.
- mobsfscan rules are partly regex and partly semgrep, both with tests --- meaning we need to translate only some regex, and no need to craft tests.
- If mobsfscan rules covers most of MobSF rules, it's reasonable to apply 2.