-
## Description
Create a new risk for "Deprecated Android KeyStore Implementations (MASVS-CRYPTO-2)" using the following information:
Avoid deprecated implementations such as BKS
Create "`risks/…
-
## Description
Create a new risk for "Weak Hashing (MASVS-CRYPTO-1)" using the following information:
Utilizing weak hashing algorithms such as MD5 and SHA1 in a security sensitive context may com…
-
## Description
Create a new risk for "Sensitive Data Hardcoded in the App Package (MASVS-STORAGE-1)" using the following information:
Sensitive data (including cryptographic and authentication m…
-
Recently a new version of Drozer has been released [Drozer 3.0.0](https://github.com/WithSecureLabs/drozer/releases/tag/3.0.0). It supports Python 3 and modern Java per their release notes:
`Compatib…
-
### MASTG Chapter
MASTG-TECH-0003.md
### File Line Number
22
### Context
the tool doesn't seems to work and stackoverflow suggested using https://github.com/3052/google
ckgal updated
2 months ago
-
This is a preview of the new implementation of risks and tests for the MAS project.
In this issue we'd like to collect your feedback regarding:
> MASVS-CRYPTO: [risks/MASVS-CRYPTO/1-strong-crypt…
-
I will use this thread to propose changes to the project. These are (or at least it should be after we agree upon it) ordered in the chronological order in which these changes should be implemented. P…
-
[tags]mobile,reverse-engineering,learning[/tags]
[short_descr]Comprehensive manual for mobile app security testing and reverse engineering.[/short_descr]
[link] https://mas.owasp.org/ [/link]
[link] …
-
I'm attempting to utilize Frida on iOS without jailbreaking. The setup I have is as follows:
Frida version 16.1.4
macOS Sonoma 14.0
iOS 17.0.3
iPhone 12
Xcode 15.0
ideviceimagemounter 1.3.0
I…
-
https://github.com/MobSF/Mobile-Security-Framework-MobSF/issues/2195
```
Hi, recently I work on a collection of Semgrep rules to cover the static tests described by the OWASP MASTG.
This is the o…