-
The README says "Fulfills OWASP Code Tampering and Reverse Engineering measures". Are you referring to the OWASP MASVS?
https://mas.owasp.org/MASVS/Controls/0x15-V8-Resiliency_Against_Reverse_Engin…
-
As long as applications allow users to authenticate via password, users should be allowed to paste in passwords from clipboard. Unique passwords for each and every service that a person uses is consid…
-
Given the update in 1.1.1 of the MASVS (regarding control 7.1), we need to extend our coverage on the MSTG if it comes to securing the signing key.
Methods could include, but should not be limited …
-
I have some tips to improve a bit the Spanish translation, just to improve comprehesion, sometimes I feel the paragraph is a literal translation from English, some little changes will improve comphesi…
-
For example, I have minor suggestions to the header if we want to simplify.
- 'Contributing' can be 'Contribute'
- 'Donations' can be 'Donate'
_Originally posted by @p2635 in https://github.com…
-
In the readme file of the project if we press the big button that says **Read the OWASP MASVS** it leads to a 404. This is the button in question:
![image](https://user-images.githubusercontent.com…
-
> The clipboard is deactivated on text fields that may contain sensitive data.
No, please don't. That prevents many password managers from working (not all of them support Android 8's new APIs). So…
-
MSTG‑ARCH‑12: The app should comply with privacy laws and regulations.
Furthermore, based on this, the following actions need to be taken:
- [ ] Extend user education section
- [x] Extend explana…
-
#1988 removes this section that doesn't belong there since it's not about privacy or user education on that regard. It's rather about complying to copyright laws stating that the user must be informed…
-
Create a general testcase for MSTG‑ARCH‑11: A responsible disclosure policy is in place and effectively applied.