-
Read it here: https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05c-Reverse-Engineering-and-Tampering.md#user-content-debugging-and-tracing
-
We should include the notion of a patched security provider and test on that. See https://developer.android.com/training/articles/security-gms-provider.html for more details.
-
There are a bunch of issues with the key management in Android:
1. Byte-arrays for teh Java Key are not cleaned after operations, one shoule create a wrapper which implements Destroyable and clears u…
-
-
There are two requirements regarding jailbroken devices:
* [6.9](https://github.com/OWASP/owasp-masvs/blob/master/Document/0x11-V6-Interaction_with_the_environment.md): The app detects whether it i…
Sjord updated
7 years ago
-
Add RSA Encryption sampel to Remediation section of Test Case "Testing Local Data Storage".
-- [TODO: add key generation for RSA encryption] --
-
-- TODO: What is sensitive information? Need to be described, ideally defined by the customer (data classification policy).
-
Migrate content from our blog article:
http://www.vantagepoint.sg/blog/84-verifying-mobile-app-security-using-the-owasp-checklist
To this section:
https://github.com/OWASP/owasp-mstg/blob/mas…
-
-