MASVS 6.8 missing for iOS

OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

https://mas.owasp.org/

Creative Commons Attribution Share Alike 4.0 International

11.6k stars 2.29k forks source link

MASVS 6.8 missing for iOS #928

Closed sushi2k closed 5 years ago

sushi2k commented 6 years ago

MASVS 6.8: Object deserialization, if any, is implemented using safe serialization APIs.

See Android Test Case: https://mobile-security.gitbook.io/mobile-security-testing-guide/android-testing-guide/0x05h-testing-platform-interaction#testing-object-persistence

commjoen commented 5 years ago

Will combine this with possible input sanitization methods.

commjoen commented 5 years ago

Fixed in #1045