-
Hi, recently I have been working on a collection of Semgrep rules to cover the static tests described by the OWASP MASTG.
This is the official repo: https://github.com/mindedsecurity/semgrep-rules-android-securit…
-
**Describe the bug**
Hi there, always great to see more Apps making use of F-Droid! I thought I'd take a quick look due to the popularity.
I believe KeyPass in its current status does not meet …
-
Include Taint Analysis in our techniques.
https://www.usenix.org/system/files/sec20-elsabagh.pdf
## Tools
### GDA?
GDA supports Static Taint Analysis:
https://github.com/charles2gan/GDA-a…
-
Starting mobile scan as follows:
```
fcli fod scan start-mobile --file .\MSTG-Android-Java.apk --entitlement SubscriptionOnly --framework Android --assessment Mobile "MASTG-Hacking-Playground:And…
```
-
[Phase 1] Refactor 0x06j-Testing-Resiliency-Against-Reverse-Engineering.md
* Add overview theory section
* Extract more theory into overview
* update reference, remove MASVS IDs
* add swiftshield …
-
Many pages make references to PassionFruit which is deprecated and replaced by Grapefruit:
- https://mas.owasp.org/MASTG/iOS/0x06b-Basic-Security-Testing/#passionfruit
- https://mas.owasp.org/MAST…
-
### Discussed in https://github.com/OWASP/owasp-mastg/discussions/2367
Originally posted by **sohsatoh** February 9, 2023
The "Finding Sensitive Data in the Keyboard Cache" section of MSTG-ST…
-
Hey,
Do you plan to release a newer version of OWASP MAS Checklist?
I am asking because I have a strange issue.
In the current version when I select an answer in the first point for MASVS-STORAGE-1…
-
In order to make sure that no one tries to monetize this platform, we will have to find another license.
Maybe https://github.com/OWASP/owasp-mastg/blob/master/License.md ?
This can help peopl…
-
The content in this repo seems to talk about 1.4.2 when 1.5.0 is the latest?
While https://github.com/OWASP/owasp-mastg/releases doesn't seem to have any release 1.4.2 at all.