Skip to content

The Mobile Security Testing Guide (MSTG) is a manual for testing the security of mobile apps. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). The MSTG is meant to provide a baseline set of test cases for black-box and white-box security tests, and to help ensure c…

Notifications You must be signed in to change notification settings

tanprathan/owasp-mstg

 
 

Repository files navigation

OWASP Mobile Security Testing Guide

This is the official Github Repository of the OWASP Mobile Security Testing Guide (MSTG). The MSTG is a comprehensive manual for testing the security of mobile apps. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). The MSTG is meant to provide a baseline set of test cases for black-box and white-box security tests, and to help ensure completeness and consistency of the tests.

Table of Contents

The following lists contains the individual sections of the MSTG, along with the person(s) responsible for each section. Please contact them directly to join as an author or give feedback. Another good place to start browsing is the detailed list of security test cases. If all you desire is a checklist, you can also download this as an Excel sheet.

Introductionary

High-Level Guides

Detailed Howtos -> Full list

Complementary

Suggestions and feedback

To report and error or suggest an improvement, please create an issue.

How to Contribute

Please read the author's guide first if you want to contribute.

The MSTG is an open source effort and we welcome contributions and feedback. To discuss the MASVS or MSTG join the OWASP Mobile Security Project Slack Channel. You can sign up here:

http://owasp.herokuapp.com/

About

The Mobile Security Testing Guide (MSTG) is a manual for testing the security of mobile apps. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). The MSTG is meant to provide a baseline set of test cases for black-box and white-box security tests, and to help ensure c…

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%