-
There were some SQL features that I wanted to use that I had trouble figuring out the syntax for (specifically subqueries and IS NULL). They didn't have clear examples in the godocs or the README…
-
Add 8.7 and 8.8 for Android and iOS: show how you can delay the attacker or report tampering to the backend as a response to a tamper detected
8.7: The app implements multiple mechanisms in each defe…
-
MSTG is a mature flagship OWASP project with a large following and a steady flow of contributors maintaining the guide. Until ISTG has a similar maturity and following, it'll be challenging to keep up…
-
- [ ] - Let's redistribute all apps to their own repository and set up a basic pipeline, same holds for the crackmes
- [x] - Let's add the Kotlin app
- [ ] - Let's automate every build with Travis (us…
-
MSTG-PLATFORM-11: Verify that the app prevents usage of custom third-party keyboards whenever sensitive data is entered.
-
```
D:\python>frida -U -f com.milon.atvara -l frida-android-repinning.js --no-pause
____
/ _ | Frida 15.1.14 - A world-class dynamic instrumentation toolkit
| (_| |
> _ | Co…
```
-
MSTG-STORAGE-1 and MSTG-STORAGE-2 list proper usage of Shared Preferences, but don't provide guidelines for the new Encrypted Shared Preferences, which automatically encrypt the contents of the XML…
-
In https://github.com/brightin/brightcontent/pull/57#discussion_r296152637 it came up that we should probably reset the session after logout and after login.
https://www.owasp.org/index.php/Broken_…
-
When running the below script:
```js
Java.perform(function () {
var str = Java.use("java.lang.String");
str.equals.overload("java.lang.Object").implementation = function (v) {
c…
```