Open sushi2k opened 3 years ago
I can do that :)
The same applies to House (with that limitation it only supports Android). I can combine this into one PR with issue #1679 and this one.
As a matter of fact, when I look at https://mobile-security.gitbook.io/mobile-security-testing-guide/general-mobile-app-testing-guide/0x04c-tampering-and-reverse-engineering#frida I see that the following case should applied as well to:
Additionally, it can be combined with the statement if something is written down on tools page we should just reference it (and not repeat in the MSTG).
PR #1843 is bringing all the tool descriptions to one unique place. The rest of the guide will then reference back there whenever a tool is used consistently. Example from 0x04c (part of the PR as well):
Substrate, [Frida](0x08-Testing-Tools.md#frida), and [Xposed](0x08-Testing-Tools.md#xposed) are the most widely used hooking and code injection frameworks in the mobile industry.
This will have tremendous advantages including:
Maybe you can help us adding any missing links or moving any remaining tools after that PR is merged. What do you think about this new approach?
@cpholguera finally long awaited commit :) Very good work.
Regarding objection, I would trim a bit and maybe give more references to documentation (like, do we really need a cheat-sheet like using objection for android
?). My main concern is maintenance cost here (especially when this chapter is going to grow).
I would rather replace that non related usage in 0x08 to samples in actual test cases. What do you think about that?
Hey @lwierzbicki I totally agree, that's the way to go. Thanks for the suggestion ;)
hi @lwierzbicki I've sent you an invitation, I was wondering why I couldn't assign you any issues until now. That should make it ;)
Describe the issue
Similiar to Frida (https://mobile-security.gitbook.io/mobile-security-testing-guide/general-mobile-app-testing-guide/0x04c-tampering-and-reverse-engineering#frida) objection should be described in the generic tampering section and then only what is relevant for iOS and Andorid in the specific chapters to avoid redundancies and link to it.
Objection is described here:
Whatever is redundant should be moved to here, for example after Frida https://mobile-security.gitbook.io/mobile-security-testing-guide/general-mobile-app-testing-guide/0x04c-tampering-and-reverse-engineering#frida.
Optional: Testcase or section Describe the testcase or section which has the issue.
Optional: Additional context Add any other context about the issue here.