The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
DISCLAIMER
This risk and test is a "preview draft", and therefore subject to change. We will be incorporating suggestions and new changes at any time until we finalize it.
How to provide feedback
Please include comments directly in this issue.
Feedback about the Guidelines is also welcome: Please include comments on the guidelines directly in the Google Doc using the "Comment" function.
This is a preview of the new implementation of risks and tests for the MAS project.
In this issue we'd like to collect your feedback regarding:
Guidelines
The guidelines for writing these new components are available here and are open for feedback. Be sure to read them before providing feedback.
Risks, Tests & Examples
The file structure is as follows:
risks/<masvs_category>/<masvs_control_alias>/<risk_alias>/<test_alias>/example-*/
This draft also includes 2 new components: mitigations and prerequisites. Feel free to review and provide feedback on these as well.