Skip to content
/ mastg Public

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

mas.owasp.org/

License

CC-BY-SA-4.0 license
12.4k stars 2.5k forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

OWASP/mastg

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9,600 Commits
.devcontainer
.devcontainer
 
 
.github
.github
 
 
.vscode
.vscode
 
 
Crackmes
Crackmes
 
 
Document
Document
 
 
Samples/Android
Samples/Android
 
 
apps
apps
 
 
best-practices
best-practices
 
 
demos
demos
 
 
docs
docs
 
 
prerequisites
prerequisites
 
 
rules
rules
 
 
src
src
 
 
techniques
techniques
 
 
tests-beta
tests-beta
 
 
tests
tests
 
 
tools
tools
 
 
utils
utils
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
.markdownlinkcheck.json
.markdownlinkcheck.json
 
 
.markdownlint-cli2.jsonc
.markdownlint-cli2.jsonc
 
 
.markdownlint.jsonc
.markdownlint.jsonc
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CITATION.cff
CITATION.cff
 
 
Dockerfile
Dockerfile
 
 
License.md
License.md
 
 
README.md
README.md
 
 
about_cookies.md
about_cookies.md
 
 
cover.pdf
cover.pdf
 
 
cover.png
cover.png
 
 
mkdocs.yml
mkdocs.yml
 
 
run_web.sh
run_web.sh
 
 

Repository files navigation

OWASP Mobile Application Security Testing Guide (MASTG)

OWASP Flagship Creative Commons License

Document Build Markdown Linter URL Checker

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the controls listed in the OWASP Mobile Application Verification Standard (MASVS).

OWASP MAS: OWASP MASVSOWASP MASWEOWASP MASTG




Trusted by

The OWASP MASVS, MASWE and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. Learn more.


🥇 MAS Advocates

MAS Advocates are industry adopters of the OWASP MASVS, MASWE and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. Learn more.

About

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

mas.owasp.org/

Topics

android ios static-analysis reverse-engineering hacking mobile-app android-application ios-app dynamic-analysis pentesting mobile-security network-analysis mast reverse-enginnering runtime-analysis mstg testing-cryptography compliancy-checklist mastg

Resources

Readme

License

CC-BY-SA-4.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

12.4k stars

Watchers

419 watching

Forks

2.5k forks
Report repository

Releases 17

v1.7.0 Latest
Oct 31, 2023
+ 16 releases

Sponsor this project

Contributors 245
+ 231 contributors

Languages