-
## Description
Create a new weakness for "Hardcoded Cryptographic Keys in Use (MASVS-CRYPTO-2)" using the following information:
One thing is to include hardcoded keys in the code, another is to…
-
frida -U -l disable_root_detection.js -f owasp.mstg.uncrackable1 --no-pause
____
/ _ | Frida 15.1.14 - A world-class dynamic instrumentation toolkit
| (_| |
> _ | Commands:
…
-
## Description
Create a new risk for "Weak Cryptographic Key Generation (MASVS-CRYPTO-2)" using the following information:
e.g. 1024-bit RSA keys, 128-bit AES keys, 160-bit ECDSA keys, 80-bit …
-
## Description
Create a new risk for "Sensitive Data Not Excluded From Backup (MASVS-STORAGE-2)" using the following information:
sensitive data can be excluded to prevent it from being backed u…
-
Security implications? when to use it instead of the Keystore?
- https://developer.android.com/training/articles/security-tips.html#Credentials
- https://developer.android.com/training/id-auth/authe…
-
## Description
Create a new risk for "Sensitive Data Stored With Insufficient Access Restrictions in Internal Locations (MASVS-STORAGE-2)" using the following information:
Sensitive data may be …
-
-
Nearby Connections is a peer-to-peer networking API that allows apps to easily discover, connect to, and exchange data with nearby devices in real-time, regardless of network connectivity.
> We don’t…
-
Add references to https://learnfrida.info/ which extends the MSTG Dynamic Binary Instrumentation (DBI) testing techniques.
In Document/0x08-Testing-Tools.md, create a section right before "#### Fri…
-
In chapter: "Testing Code Quality and Build Settings of Android Apps"
Enhance section "[Make Sure That Free Security Features Are Activated (MSTG-CODE-9)](https://github.com/OWASP/owasp-mstg/blob/…