0x05g - ssl settings should incorporate the notion of using a patched trustmanager

OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

https://mas.owasp.org/

Creative Commons Attribution Share Alike 4.0 International

11.61k stars 2.29k forks source link

0x05g - ssl settings should incorporate the notion of using a patched trustmanager #452

Closed commjoen closed 7 years ago

commjoen commented 7 years ago

We should include the notion of a patched security provider and test on that. See https://developer.android.com/training/articles/security-gms-provider.html for more details.

sushi2k commented 7 years ago

Covered in https://github.com/OWASP/owasp-mstg/issues/517