Robuta

https://mas.owasp.org/MASTG/knowledge/android/MASVS-STORAGE/MASTG-KNOW-0041/ MASTG-KNOW-0041: Internal Storage - OWASP Mobile Application Security owasp mobile applicationinternal storagemastgknow0041 https://mas.owasp.org/MASTG/tests/android/MASVS-RESILIENCE/MASTG-TEST-0249/ MASTG-TEST-0249: Runtime Use of Secure Screen Lock Detection APIs - OWASP Mobile Application... owasp mobile applicationmastg testscreen lock0249runtime https://mas.owasp.org/MASTG/tools/android/MASTG-TOOL-0124/ MASTG-TOOL-0124: aapt2 - OWASP Mobile Application Security owasp mobile applicationmastg tool0124security https://mas.owasp.org/MASWE/MASVS-AUTH/MASWE-0046/ MASWE-0046: Crypto Keys Not Invalidated on New Biometric Enrollment - OWASP Mobile Application... owasp mobile applicationcrypto keysnew biometricmaswe0046 https://mas.owasp.org/MASVS/controls/MASVS-CRYPTO-1/ MASVS-CRYPTO-1 - OWASP Mobile Application Security owasp mobile applicationcrypto 1masvssecurity https://mas.owasp.org/MASTG/best-practices/MASTG-BEST-0006/ MASTG-BEST-0006: Use Up-to-Date APK Signing Schemes - OWASP Mobile Application Security owasp mobile applicationdate apkmastgbest0006 https://mas.owasp.org/MASWE/MASVS-CRYPTO/MASWE-0020/ MASWE-0020: Improper Encryption - OWASP Mobile Application Security owasp mobile applicationmaswe0020improperencryption https://mas.owasp.org/MASTG/tools/ios/MASTG-TOOL-0062/ MASTG-TOOL-0062: Plutil - OWASP Mobile Application Security owasp mobile applicationmastg tool0062security https://mas.owasp.org/MASTG/tools/network/MASTG-TOOL-0076/ MASTG-TOOL-0076: bettercap - OWASP Mobile Application Security owasp mobile applicationmastg tool0076bettercapsecurity https://mas.owasp.org/MASTG/tests/android/MASVS-NETWORK/MASTG-TEST-0021/ MASTG-TEST-0021: Testing Endpoint Identify Verification - OWASP Mobile Application Security owasp mobile applicationmastg test0021testingendpoint https://mas.owasp.org/MASTG/techniques/ios/MASTG-TECH-0112/ MASTG-TECH-0112: Obtaining the Code Signature Format Version - OWASP Mobile Application Security owasp mobile applicationmastg techformat version0112obtaining https://mas.owasp.org/MASTG/demos/ios/MASVS-RESILIENCE/MASTG-DEMO-0026/MASTG-DEMO-0026/ MASTG-DEMO-0026: Runtime Use of LAContext.canEvaluatePolicy with Frida - OWASP Mobile Application... owasp mobile applicationmastg demo0026runtimeuse https://mas.owasp.org/MASTG/tests/android/MASVS-CODE/MASTG-TEST-0034/ MASTG-TEST-0034: Testing Object Persistence - OWASP Mobile Application Security owasp mobile applicationmastg test0034testingobject https://owasp.org/www-project-mobile-app-security/ OWASP Mobile Application Security | OWASP Foundation The OWASP Mobile Application Security (MAS) project consists of a series of documents that establish a security and privacy standard for mobile apps and a... owasp mobile applicationsecurity foundation https://mas.owasp.org/MASTG/demos/android/MASVS-PLATFORM/MASTG-DEMO-0029/MASTG-DEMO-0029/ MASTG-DEMO-0029: Uses of WebViews Allowing Content Access with semgrep - OWASP Mobile Application... owasp mobile applicationmastg democontent access0029uses https://mas.owasp.org/MASTG/techniques/ios/MASTG-TECH-0113/ MASTG-TECH-0113: Obtaining Debugging Symbols - OWASP Mobile Application Security owasp mobile applicationmastg tech0113obtainingdebugging https://mas.owasp.org/MASTG/techniques/ios/MASTG-TECH-0067/ MASTG-TECH-0067: Dynamic Analysis on iOS - OWASP Mobile Application Security owasp mobile applicationmastg techdynamic analysis0067ios https://mas.owasp.org/donate/ Donations - OWASP Mobile Application Security owasp mobile applicationdonationssecurity https://mas.owasp.org/MASTG/techniques/android/MASTG-TECH-0109/ MASTG-TECH-0109: Intercepting Flutter HTTPS Traffic - OWASP Mobile Application Security owasp mobile applicationmastg tech0109interceptingflutter https://mas.owasp.org/MASTG/tests/android/MASVS-CODE/MASTG-TEST-0223/ MASTG-TEST-0223: Stack Canaries Not Enabled - OWASP Mobile Application Security owasp mobile applicationmastg test0223stackcanaries https://mas.owasp.org/MASTG/techniques/android/MASTG-TECH-0043/ MASTG-TECH-0043: Method Hooking - OWASP Mobile Application Security owasp mobile applicationmastg tech0043methodhooking https://mas.owasp.org/MASTG/apps/android/MASTG-APP-0009/ MASTG-APP-0009: DVHMA - OWASP Mobile Application Security owasp mobile applicationmastg0009security https://mas.owasp.org/MASWE/MASVS-RESILIENCE/MASWE-0098/ MASWE-0098: App Virtualization Environment Detection Not Implemented - OWASP Mobile Application... owasp mobile applicationenvironment detectionmaswe0098virtualization https://mas.owasp.org/MASWE/MASVS-AUTH/MASWE-0043/ MASWE-0043: App Custom PIN Not Bound to Platform KeyStore - OWASP Mobile Application Security owasp mobile applicationmaswe0043custompin https://mas.owasp.org/news/ Blog - OWASP Mobile Application Security owasp mobile applicationblogsecurity https://mas.owasp.org/MASTG/techniques/android/MASTG-TECH-0014/ MASTG-TECH-0014: Static Analysis on Android - OWASP Mobile Application Security owasp mobile applicationmastg techstatic analysis0014android https://mas.owasp.org/MASTG/tests/android/MASVS-PLATFORM/MASTG-TEST-0315/ MASTG-TEST-0315: Sensitive Data Exposed via Notifications - OWASP Mobile Application Security owasp mobile applicationmastg testsensitive dataexposed via0315 https://mas.owasp.org/MASWE/MASVS-PLATFORM/MASWE-0071/ MASWE-0071: WebViews Loading Content from Untrusted Sources - OWASP Mobile Application Security owasp mobile applicationloading contentmaswe0071webviews https://mas.owasp.org/MASVS/controls/MASVS-PRIVACY-3/ MASVS-PRIVACY-3 - OWASP Mobile Application Security owasp mobile applicationmasvsprivacy3security https://mas.owasp.org/contributing/writing-content/mastg-best-practice.instructions/ Writing MASTG Best Practices Files - OWASP Mobile Application Security owasp mobile applicationbest practiceswritingmastgfiles https://mas.owasp.org/MASTG/knowledge/ios/MASVS-RESILIENCE/MASTG-KNOW-0086/ MASTG-KNOW-0086: File Integrity Checks - OWASP Mobile Application Security owasp mobile applicationfile integritymastgknow0086 https://mas.owasp.org/MASTG/tools/ios/MASTG-TOOL-0135/ MASTG-TOOL-0135: PlistBuddy - OWASP Mobile Application Security owasp mobile applicationmastg tool0135security https://mas.owasp.org/MASTG/tests/android/MASVS-RESILIENCE/MASTG-TEST-0039/ MASTG-TEST-0039: Testing whether the App is Debuggable - OWASP Mobile Application Security owasp mobile applicationmastg test0039testingwhether https://mas.owasp.org/MASTG/tests/android/MASVS-PLATFORM/MASTG-TEST-0024/ MASTG-TEST-0024: Testing for App Permissions - OWASP Mobile Application Security owasp mobile applicationmastg test0024testingpermissions https://mas.owasp.org/MASTG/tests/android/MASVS-RESILIENCE/MASTG-TEST-0265/ MASTG-TEST-0265: References to StrictMode APIs - OWASP Mobile Application Security owasp mobile applicationmastg test0265referencesstrictmode