Data

Tools

Indexes

Applications

Experiments

Open Source Science

mastg

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

https://github.com/owasp/mastg

Science Score: 44.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (8.5%) to scientific vocabulary

Keywords

android android-application compliancy-checklist dynamic-analysis hacking ios ios-app mast mastg mobile-app mobile-security mstg network-analysis pentesting reverse-engineering reverse-enginnering runtime-analysis static-analysis testing-cryptography
Last synced: 6 months ago · JSON representation ·

Repository

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

Basic Info
  • Host: GitHub
  • Owner: OWASP
  • License: cc-by-sa-4.0
  • Language: Python
  • Default Branch: master
  • Homepage: http://mas.owasp.org/
  • Size: 415 MB
Statistics
  • Stars: 12,453
  • Watchers: 417
  • Forks: 2,490
  • Open Issues: 338
  • Releases: 17
Topics
android android-application compliancy-checklist dynamic-analysis hacking ios ios-app mast mastg mobile-app mobile-security mstg network-analysis pentesting reverse-engineering reverse-enginnering runtime-analysis static-analysis testing-cryptography
Created over 9 years ago · Last pushed 6 months ago
Metadata Files
Readme Changelog Contributing Funding License Code of conduct Citation Security

README.md

OWASP Mobile Application Security Testing Guide (MASTG)

OWASP Flagship Creative Commons License

Markdown Linter URL Checker

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the controls listed in the OWASP Mobile Application Verification Standard (MASVS).

OWASP MAS: OWASP MASVSOWASP MASWEOWASP MASTG




Trusted by

The OWASP MASVS, MASWE and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. Learn more.


🥇 MAS Advocates

MAS Advocates are industry adopters of the OWASP MASVS, MASWE and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. Learn more.



Owner

  • Name: OWASP
  • Login: OWASP
  • Kind: organization
  • Email: admin@owasp.com
  • Location: United States of America

The OWASP Foundation

Citation (CITATION.cff) 

# YAML 1.2
---
abstract: "The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS)."
authors: 
  -
    family-names: Holguera
    given-names: Carlos
  -
    family-names: Schleier
    given-names: Sven
  -
    family-names: Mueller
    given-names: Bernhard
  -
    family-names: Willemsen
    given-names: Jeroen
cff-version: "1.1.0"
date-released: 2022-09-05
identifiers: 
  - 
    type: isbn
    value: "978-1-257-96636-3"
keywords: 
  - "mobile security"
  - "Android security"
  - "iOS security"
  - "mobile pentesting"
license: "CC-BY-SA-4.0"
message: "If you use the MASTG, please cite it using these metadata."
repository-code: "https://github.com/OWASP/mastg/"
title: "OWASP Mobile Application Security Testing Guide"
version: "1.5.0"
...

GitHub Events

Total
  • Create event: 18
  • Issues event: 18
  • Watch event: 67
  • Delete event: 20
  • Member event: 1
  • Issue comment event: 37
  • Push event: 95
  • Pull request review event: 90
  • Pull request review comment event: 71
  • Pull request event: 66
  • Fork event: 26
Last Year
  • Create event: 18
  • Issues event: 18
  • Watch event: 67
  • Delete event: 20
  • Member event: 1
  • Issue comment event: 37
  • Push event: 95
  • Pull request review event: 90
  • Pull request review comment event: 71
  • Pull request event: 66
  • Fork event: 26

Issues and Pull Requests

Last synced: 6 months ago

All Time
  • Total issues: 11
  • Total pull requests: 40
  • Average time to close issues: about 24 hours
  • Average time to close pull requests: 13 days
  • Total issue authors: 4
  • Total pull request authors: 9
  • Average comments per issue: 0.18
  • Average comments per pull request: 0.45
  • Merged pull requests: 17
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 11
  • Pull requests: 40
  • Average time to close issues: about 24 hours
  • Average time to close pull requests: 13 days
  • Issue authors: 4
  • Pull request authors: 9
  • Average comments per issue: 0.18
  • Average comments per pull request: 0.45
  • Merged pull requests: 17
  • Bot issues: 0
  • Bot pull requests: 0
View more stats
Top Authors
Issue Authors
  • bernhste (4)
  • cpholguera (4)
  • ben854719 (2)
  • sydseter (1)
Pull Request Authors
  • cpholguera (21)
  • sydseter (6)
  • Copilot (4)
  • TheDauntless (4)
  • ben854719 (1)
  • serek8 (1)
  • sk3l10x1ng (1)
  • Batalian (1)
  • nobodynate (1)
Top Labels
Issue Labels
frida-util (1) website (1)
Pull Request Labels
ignore-for-release (12) org (2) website (1) MASVS-STORAGE (1) MASVS-PLATFORM (1) MASWE (1)

Dependencies

.github/workflows/build-website.yml actions
  • actions/checkout v2 composite
  • actions/setup-python v2 composite
.github/workflows/codeql-analysis.yml actions
  • actions/checkout v2 composite
  • github/codeql-action/analyze v1 composite
  • github/codeql-action/autobuild v2 composite
  • github/codeql-action/init v2 composite
.github/workflows/docgenerator.yml actions
  • actions/checkout v2 composite
  • actions/download-artifact v2 composite
  • actions/upload-artifact v2 composite
  • softprops/action-gh-release v1 composite
.github/workflows/labeler.yml actions
  • actions/labeler v4 composite
.github/workflows/markdown-linter.yml actions
  • actions/checkout v2 composite
  • nosborn/github-action-markdown-cli v3.0.1 composite
.github/workflows/spell-checker.yml actions
  • actions/checkout v2 composite
  • codespell-project/actions-codespell master composite
.github/workflows/url-checker-pr.yml actions
  • actions/checkout v2 composite
  • gaurav-nelson/github-action-markdown-link-check v1 composite
.github/workflows/url-checker.yml actions
  • actions/checkout v2 composite
  • gaurav-nelson/github-action-markdown-link-check v1 composite