OWASP Mobile Application Security Testing Guide (MASTG)
This is the official GitHub Repository of the OWASP Mobile Application Security Testing Guide (MASTG). The MASTG is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). ⬇️ Download the latest PDF ✅ Get the latest Mobile App Security Checklists ⚡ Contribute! 💥 Play with our Crackmes Trusted by ... The OWASP MASVS and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. Learn more. 🥇 MAS Advocates MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. Learn more. Connect with Us GitHub Discussions #project-mobile-app-security (Get Invitation) @OWASP_MAS (Official Account) @bsd_daemon (Sven Schleier, Project Lead) @grepharder (Carlos Holguera, Project Lead) Other Formats Get the printed version via lulu.com Get the e-book
FEATURES
ALTERNATIVES
Rspamd is an advanced spam filtering system and email processing framework with comprehensive features like Lua API and asynchronous network API.
An open-source phishing toolkit for businesses and penetration testers.
Scans SPF and DMARC records for issues that could allow email spoofing.
A comprehensive checklist for securing Android apps
A tool for quantitative risk analysis of Android applications using machine learning techniques.
Steghide is a steganography program for hiding data in image and audio files.
DroidBox is a tool for dynamic analysis of Android applications, providing insights into package behavior and security.
An open source framework for security assessments of iOS apps, now decommissioned in favor of Objection.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.