OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
https://mas.owasp.org/
Creative Commons Attribution Share Alike 4.0 International

References to CWE and OWASP Mobile Top 10 #1

Closed sushi2k closed 7 years ago

sushi2k commented 7 years ago

In the guide we created in Google Docs we also had references to CWE and the OWASP Mobile Top 10. I think we should continue this, to properly reference a common vulnerability type or weakness if one is applicable to the test case. I just put it in the test case I am migrating right now from Google Docs to GitHub.
What do you guys think?


muellerberndt commented 7 years ago

Yes, definitely! I also added both to the MASVS recently.

From: Sven notifications@github.com
Reply-To: b-mueller/owasp-mstg reply@reply.github.com
Date: Sunday, October 9, 2016 at 3:02 PM
To: b-mueller/owasp-mstg owasp-mstg@noreply.github.com
Subject: [b-mueller/owasp-mstg] References to CWE and OWASP Mobile Top 10 (#1)


sushi2k commented 7 years ago

I put the reference to OWASP Mobile Top 10 and CWE into the template. Will close this now.

https://github.com/OWASP/owasp-mstg/commit/a08488f6e2d1134ab3af5e345ae2ce55a9788b9f