-
**Describe the bug**
The new Release Breaking our OWASP MASTG/MASVS document generation.
**Steps To Reproduce**
```
Digest: sha256:3a0436dfa85c5b12580afc921ebd65097dce3cacf2befdcccac5898e4…
-
### MASTG Chapter
Breadcrumbs owasp-mastg/tests/android/MASVS-RESILIENCE /MASTG-TEST-0051.md
### File Line Number
63
### Context
When I open the link to APKiD from https://mas.owasp.org/MAS…
-
The audit part of 1.1.1.1 is defined as:
> 1.1.1.1 The app shall securely store sensitive data.
This is a broad statement about all the data that the app stores. However, the **Evidence** and *…
-
Very similar to https://github.com/appdefensealliance/ASA-WG/issues/33 - the Verification procedures cover only external storage when testing procedure referenced in L2 covers local storage as well
…
-
## Description
Create a new risk for "Weak Cryptographic Key Generation (MASVS-CRYPTO-2)" using the following information:
e.g. 1024-bit RSA keys, 128-bit AES keys, 160-bit ECDSA keys, 80-bit …
-
## Description
Create a new risk for "Backup Unencrypted (MASVS-STORAGE-2)" using the following information:
The app may not encrypt sensitive data in backups, which may compromise data confiden…
-
## Description
Create a new risk for "Sensitive Data Not Excluded From Backup (MASVS-STORAGE-2)" using the following information:
sensitive data can be excluded to prevent it from being backed u…
-
Recently a new version of Drozer has been released [Drozer 3.0.0](https://github.com/WithSecureLabs/drozer/releases/tag/3.0.0). It supports Python 3 and modern Java per their release notes:
`Compatib…
-
## Description
Create a new risk for "Hardcoded Cryptographic Keys in Use (MASVS-CRYPTO-2)" using the following information:
One thing is to include hardcoded keys in the code, another is to u…
-
## Description
Create a new risk for "Sensitive Data Stored Unencrypted in Private Storage Locations (MASVS-STORAGE-1)" using the following information:
Sensitive data may be stored in internal …