owasp-mastg
Mobile App Security Guide
A comprehensive guide to mobile app security testing and reverse engineering
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
12k stars
424 watching
2k forks
Language: Python
last commit: about 1 month ago
Linked from 4 awesome lists
androidandroid-applicationcompliancy-checklistdynamic-analysishackingiosios-appmastmastgmobile-appmobile-securitymstgnetwork-analysispentestingreverse-engineeringreverse-enginneringruntime-analysisstatic-analysistesting-cryptography
sbilly/awesome-security
ashishb/android-security-awesome
vaib25vicky/awesome-mobile-security
bytesnipers/awesome-pentest-cheat-sheetsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| owasp/wstg | A comprehensive guide to testing the security of web applications and services | 7,431 |
| owasp/cheatsheetseries | Provides concise security guidance for web application developers | 28,396 |
 tanprathan/mobileapp-pentest-cheatsheet | A collection of tools and resources for conducting security assessments and penetration testing on mobile applications. | 4,609 |
| tanprathan/owasp-testing-checklist | A comprehensive security testing checklist based on OWASP guidelines | 1,523 |
 webpwnized/mutillidae | An intentionally vulnerable web application designed to aid in learning and practicing web security skills | 1,282 |
 xtiankisutsa/mara_framework | An all-in-one toolkit to analyze and test mobile applications for security vulnerabilities | 630 |
 mobsf/mobile-security-framework-mobsf | An automated, all-in-one platform for mobile application security assessment and analysis | 17,691 |
| owasp/raider | A framework for simulating and testing complex web authentication processes | 104 |
 0xradi/owasp-web-checklist | A comprehensive checklist for web application security testing and vulnerability assessment | 1,763 |
 coreruleset/coreruleset | A comprehensive set of rules to detect and prevent web application attacks | 2,330 |
| owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,700 |
| owasp/iotgoat | A deliberately insecure firmware designed to test common vulnerabilities in IoT devices | 717 |
 voorivex/pentest-guide | A comprehensive guide for penetration testing and vulnerability assessment based on OWASP guidelines | 2,497 |
 owasp-amass/amass | An information gathering and reconnaissance tool used to map attack surfaces and discover external assets on networks. | 12,185 |
| owasp/joomscan | Automated vulnerability scanner for Joomla CMS deployments to identify potential security issues. | 1,088 |