Awesome

OWASP Mobile Application Security Testing Guide (MASTG)

This is the official GitHub Repository of the OWASP Mobile Application Security Testing Guide (MASTG). The MASTG is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS).

⬇️ Download the latest PDF
✅ Get the latest Mobile App Security Checklists
⚡ Contribute!
💥 Play with our Crackmes

Trusted by

The OWASP MASVS and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. Learn more.

🥇 MAS Advocates

MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. Learn more.

Connect with Us

<ul> <li><a href="https://github.com/OWASP/owasp-mastg/discussions"><img src="Document/Images/GitHub_logo.png" width="14px"> GitHub Discussions</a></li> <li><a href="https://owasp.slack.com/archives/C1M6ZVC6S"><img src="Document/Images/slack_logo.png" width="14px"> #project-mobile-app-security</a> (<a href="https://owasp.slack.com/join/shared_invite/zt-g398htpy-AZ40HOM1WUOZguJKbblqkw#//">Get Invitation</a>)</li> <li><a href="https://twitter.com/OWASP_MAS"><img src="Document/Images/twitter_logo.png" width="14px"> @OWASP_MAS </a> (Official Account)</li> <li><a href="https://twitter.com/bsd_daemon"><img src="Document/Images/twitter_logo.png" width="14px"> @bsd_daemon </a> (Sven Schleier, Project Lead) <a href="https://twitter.com/grepharder"><img src="Document/Images/twitter_logo.png" width="14px"> @grepharder </a> (Carlos Holguera, Project Lead)</li> </ul>

Other Formats

Get the printed version via lulu.com
Get the e-book on leanpub.com (please consider purchasing it to support our project or make a donation)
Check our Document generation scripts