In this chapter, we'll dive into setting up a security testing environment and introduce you to some practical processes and techniques for testing the security of Android apps. These are the building blocks for the MASTG test cases.
A good mobile app security testing methodology should cover all controls listed in the MASVS. The OWASP Mobile Application Security Testing Guide (MASTG) describes black-box and white-box test cases for each verification control.
Testing Tools. The OWASP MASTG includes many tools to assist you in executing test cases, allowing you to perform static analysis, dynamic analysis, network interception, etc. These tools are intended to help you perform your own assessments, rather than provide a conclusive result on the security status of an app.
In this chapter, we'll dive into setting up a security testing environment and introduce you to some practical processes and techniques for testing the security of iOS apps. These are the building blocks for the MASTG test cases.
The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS) and a comprehensive testing guide (OWASP MASTG) that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and ...
Consequently, network-based attacks (such as packet sniffing and man-in-the-middle attacks) are a problem. In this chapter we discuss potential vulnerabilities, testing techniques, and best practices concerning the network communication between mobile apps and their endpoints.
Verify that cryptographic algorithms are up to date and in line with industry standards. Vulnerable algorithms include outdated block ciphers (such as DES and 3DES), stream ciphers (such as RC4), hash functions (such as MD5 and SHA1), and broken random number generators (such as Dual_EC_DRBG and SHA1PRNG).
A mobile app security test is usually part of a larger security assessment or penetration test that encompasses the client-server architecture and server-side APIs used by the mobile app. In this guide, we cover mobile app security testing in two contexts.
The Mobile Application Security Verification Standard (MASVS) is a comprehensive security standard developed by the Open Worldwide Application Security Project (OWASP). This framework provides a clear and concise set of guidelines and best practices for assessing and enhancing the security of mobile applications.