Closed romualdszkudlarek closed 6 years ago
They have different purpose. The root detection section in 0x05h is checking if root detection is present and implemented in the Mobile App as part of the MASVS requirement. The root detection section in 0x05j is going further and is checking if two or more independent root detection mechanism are present to be more resilient against reverse engineering. But the chapters need to be aligned more, to point this out properly. Thanks for sharing.
Hey Sushi2k, I had the same concern recently and eliminated some of the duplicate chapters. It just doesn't make sense when looking at the MSTG standalone to address the exact same topic twice. I have written about handling root detection in detail in 0x05j. If no concerns I will remove the section in 0x05h - we can link both checklist items to 0x05j?
Yes. I looked again at the chapters and the best would be to do it like this. Just reference to 0x05j
Both 0x5j and 0x5h contain a "Testing Root Detection" section. Should we remove one of them? Or rename one of them? Change the purpose of one?