OWASP Mobile Security Testing Guide (MSTG).

The OWASP Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). You can also read the MSTG on Gitbook or download it as an e-book.
The MSTG and the MASVS are being adopted by many companies, standards, and various organizations.

General Testing Guide

  • Mobile App Authentication Architectures
  • Testing Network Communication
  • Cryptography in Mobile Apps
  • Testing Code Quality
  • Tampering and Reverse Engineering
  • Testing User Education

Android Testing Guide

  • Platform Overview
  • Android Basic Security Testing
  • Data Storage on Android
  • Android Cryptographic APIs
  • Local Authentication on Android
  • Android Network APIs
  • Android Platform APIs
  • Code Quality and Build Settings for Android Apps
  • Tampering and Reverse Engineering on Android
  • Android Anti-Reversing Defenses

iOS Testing Guide

  • Platform Overview
  • iOS Basic Security Testing
  • Data Storage on iOS
  • iOS Cryptographic APIs
  • Local Authentication on iOS
  • iOS Network APIs
  • iOS Platform APIs
  • Code Quality and Build Settings for iOS Apps
  • Tampering and Reverse Engineering on iOS
  • iOS Anti-Reversing Defenses

Get MSTG