[Phase 1] Refactor 0x05f-Testing-Local-Authentication.md - Githubissues

OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

https://mas.owasp.org/

Creative Commons Attribution Share Alike 4.0 International

11.8k stars 2.35k forks source link

[Phase 1] Refactor 0x05f-Testing-Local-Authentication.md #2215

Closed cpholguera closed 1 year ago

cpholguera commented 2 years ago

Go through each test case (1 MR per chapter)
Extract any general information and put it to the theory overview
- Each chapter must have a “## Overview” section and then several “## Testing …(MSTG-XXX-YY)” sections
- Strategy 1: move theory to chapter overview
- Strategy 2: move theory to general chapter overview
Only leave a test description on each test (see notes)

Notes:

Follow the style guide
If it helps you may already “pre-split” some tests by using:
- “### “ subsections (example)
- or “-” bullet point lists if there’s not enough details yet (example, right before the linked test there’s a list with several “- Check …”).

iotaaxel commented 2 years ago

Working on this.

AndreMCCarvalho commented 2 years ago

Maybe make for this page also the other ones (MASTG-XXX-YY) instead of (MSTG-XXX-YY) to be in sync with the new name?

cpholguera commented 2 years ago

Thanks for the suggestion @AndreMCCarvalho, that has to wait a little bit.

Those IDs starting with "MSTG-" are actually MASVS IDs. When you read the title of a MASTG test now it's telling you the MASVS ID covered by that test.

We are aware that this is confusing and that's why we're correcting that in the MASVS v2, they will start with "MASVS-".