-
I get these types of errors when running on Kali Linux:
semgrep error: invalid language: xml
--> rules/code/mstg-code-2.yaml:5
4 | languages:
5 | - xml
6 | metadata:
7 | …
-
In order to speed up reviewing & releasing, we need to :
- [ ] Fix the epub rendering (check document for links and images) and fix errors from `epubcheck OWASP_MSTG-SNAPSHOT-en.epub`
- [ ] Fix t…
-
**Describe the issue**
Add additional meta-data to our existing markdown description.
Mixture of Yaml and Markdown:
https://raw.githubusercontent.com/OWASP/owasp-mstg/master/.github/ISSUE_TEMPLAT…
-
Hi
I have this error when scanning an android app
File "/Users/javi/Library/Python/3.9/lib/python/site-packages/semgrep/core_runner.py", line 257, in _stream_subprocess
raise SemgrepError…
-
Starting mobile scan as follows:
```
fcli fod scan start-mobile --file .\MSTG-Android-Java.apk --entitlement SubscriptionOnly --framework Android --assessment Mobile "MASTG-Hacking-Playground:And…
-
We know that ASVS is for Web Apps, but how far do we go? Do we include DevOps principles? infrastructure management? Laptop security?
-
### Discussed in https://github.com/OWASP/owasp-mastg/discussions/2367
Originally posted by **sohsatoh** February 9, 2023
The "Finding Sensitive Data in the Keyboard Cache" section of MSTG-ST…
-
-
**Describe the issue**
it seems /proc/self/maps should be removed as a method for frida detection (at least when running as gadget). As an app will not have access to this information (pid would need…
-
Hi,
First of all, thank you for the great project! Very helpful!
I tested the rules on an Android application and noticed that it didn't flag certain issues related to WebView that I was getting…