owasp-mastg
Mobile App Security Guide
A comprehensive guide to mobile app security testing and reverse engineering
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
12k stars
422 watching
2k forks
Language: Python
last commit: 8 days ago
Linked from 4 awesome lists
androidandroid-applicationcompliancy-checklistdynamic-analysishackingiosios-appmastmastgmobile-appmobile-securitymstgnetwork-analysispentestingreverse-engineeringreverse-enginneringruntime-analysisstatic-analysistesting-cryptography
sbilly/awesome-security
ashishb/android-security-awesome
vaib25vicky/awesome-mobile-security
bytesnipers/awesome-pentest-cheat-sheetsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| owasp/wstg | A comprehensive guide to testing the security of web applications and services | 7,338 |
| owasp/cheatsheetseries | Provides concise security guidance for web application developers | 28,160 |
 tanprathan/mobileapp-pentest-cheatsheet | A collection of tools and resources for conducting security assessments and penetration testing on mobile applications. | 4,595 |
| tanprathan/owasp-testing-checklist | A comprehensive security testing checklist based on OWASP guidelines | 1,506 |
 webpwnized/mutillidae | A deliberately vulnerable web application providing a controlled environment for learning and practicing web security skills. | 1,267 |
 xtiankisutsa/mara_framework | An all-in-one toolkit to analyze and test mobile applications for security vulnerabilities | 630 |
 mobsf/mobile-security-framework-mobsf | Automated security analysis and assessment of mobile applications | 17,453 |
| owasp/raider | A framework for simulating and testing complex web authentication processes | 104 |
 0xradi/owasp-web-checklist | A comprehensive checklist for web application security testing and vulnerability assessment | 1,747 |
 coreruleset/coreruleset | A set of generic attack detection rules for web application firewalls to protect against common attacks. | 2,286 |
| owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,618 |
| owasp/iotgoat | A deliberately insecure firmware designed to test common vulnerabilities in IoT devices | 701 |
 voorivex/pentest-guide | A comprehensive guide for penetration testing and vulnerability assessment based on OWASP guidelines | 2,478 |
 owasp-amass/amass | An information gathering and reconnaissance tool used to map attack surfaces and discover external assets on networks. | 12,067 |
| owasp/joomscan | Automated vulnerability scanner for Joomla CMS deployments to identify potential security issues. | 1,078 |