OWASP Mobile Application Security Testing Guide (MASTG)
This is the official GitHub Repository of the OWASP Mobile Application Security Testing Guide (MASTG). The MASTG is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). ⬇️ Download the latest PDF ✅ Get the latest Mobile App Security Checklists ⚡ Contribute! 💥 Play with our Crackmes Trusted by ... The OWASP MASVS and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. Learn more. 🥇 MAS Advocates MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. Learn more. Connect with Us GitHub Discussions #project-mobile-app-security (Get Invitation) @OWASP_MAS (Official Account) @bsd_daemon (Sven Schleier, Project Lead) @grepharder (Carlos Holguera, Project Lead) Other Formats Get the printed version via lulu.com Get the e-book
FEATURES
ALTERNATIVES
CHIPSEC is a framework for analyzing the security of PC platforms and components, with tools for low-level interfaces and forensic capabilities.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
Android application for learning about vulnerabilities in modern Android apps and testing pentesting skills.
StringSifter is a machine learning tool for automatically ranking strings for malware analysis.
A project providing a low-cost ICS testbed with affordable hardware, instructions, and attacker scenarios to facilitate learning in industrial security.
Verify scripts and executables to mitigate chain of supply attacks.
Scans SPF and DMARC records for issues that could allow email spoofing.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.