owasp-mastg

Mobile App Security Guide

A comprehensive guide to mobile app security testing and reverse engineering

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

GitHub

12k stars
421 watching
2k forks
Language: Python
last commit: 1 day ago
Linked from 4 awesome lists

androidandroid-applicationcompliancy-checklistdynamic-analysishackingiosios-appmastmastgmobile-appmobile-securitymstgnetwork-analysispentestingreverse-engineeringreverse-enginneringruntime-analysisstatic-analysistesting-cryptography

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
owasp/wstg A comprehensive guide to testing the security of web applications and services 7,338
owasp/cheatsheetseries Provides concise security guidance for web application developers 28,160
tanprathan/mobileapp-pentest-cheatsheet A collection of tools and resources for conducting security assessments and penetration testing on mobile applications. 4,598
tanprathan/owasp-testing-checklist A comprehensive security testing checklist based on OWASP guidelines 1,506
webpwnized/mutillidae A deliberately vulnerable web application providing a controlled environment for learning and practicing web security skills. 1,267
xtiankisutsa/mara_framework An all-in-one toolkit to analyze and test mobile applications for security vulnerabilities 630
mobsf/mobile-security-framework-mobsf Automated security analysis and assessment of mobile applications 17,504
owasp/raider A framework for simulating and testing complex web authentication processes 104
0xradi/owasp-web-checklist A comprehensive checklist for web application security testing and vulnerability assessment 1,750
coreruleset/coreruleset A set of generic attack detection rules for web application firewalls to protect against common attacks. 2,286
owasp/nettacker Automated tool for identifying vulnerabilities and gathering information about network services and systems. 3,618
owasp/iotgoat A deliberately insecure firmware designed to test common vulnerabilities in IoT devices 701
voorivex/pentest-guide A comprehensive guide for penetration testing and vulnerability assessment based on OWASP guidelines 2,478
owasp-amass/amass An information gathering and reconnaissance tool used to map attack surfaces and discover external assets on networks. 12,067
owasp/joomscan Automated vulnerability scanner for Joomla CMS deployments to identify potential security issues. 1,078