MASTG Tests
About the MASTG Tests
The MASTG "Atomic Tests" are a new addition to the MAS project. They are a collection of small, individual tests that can be used to assess the security and privacy of a mobile application. Each test is designed to be simple and focused on a single issue. The goal is to make it easier for developers and security professionals to identify and fix issues in their mobile applications.
Tests are organized into categories based on the OWASP MASVS and have a weakness assigned from the OWASP MASWE.
Each test includes:
- Overview: A brief description of the test.
- Steps: A set of steps to follow to identify the weakness in a mobile application.
- Observation: A description of the results of running the test against an application.
- Evaluation: Specific instructions for evaluating the results of the test.
Each test comes with a collection of demos that demonstrate the weakness in a sample application. These demos are written in markdown and are located in the Demos section of the MASTG.
Showing 1 to 172 of 172 entries
| ID | Title | Platform | L1 | L2 | R | P | Status |
|---|---|---|---|---|---|---|---|
| MASTG-TEST-0017 | Testing Confirm Credentials | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0018 | Testing Biometric Authentication | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0032 | Testing WebView Protocol Handlers | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0037 | Testing WebViews Cleanup | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0252 | References to Local File Access in WebViews | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0253 | Runtime Use of Local File Access APIs in WebViews | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0033 | Testing for Java Objects Exposed Through WebViews | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0035 | Testing for Overlay Attacks | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0010 | Finding Sensitive Information in Auto-Generated Screenshots | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0031 | Testing JavaScript Execution in WebViews | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0029 | Testing for Sensitive Functionality Exposure Through IPC | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0251 | Runtime Use of Content Provider Access APIs in WebViews | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0007 | Determining Whether Sensitive Stored Data Has Been Exposed via IPC Mechanisms | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0024 | Testing for App Permissions | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0028 | Testing Deep Links | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0250 | References to Content Provider Access in WebViews | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0008 | Checking for Sensitive Data Disclosure Through the User Interface | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0258 | References to Keyboard Caching Attributes in UI Elements | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0030 | Testing for Vulnerable Implementation of PendingIntent | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0036 | Testing Enforced Updating | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0027 | Testing for URL Loading in WebViews | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0002 | Testing Local Storage for Input Validation | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0026 | Testing Implicit Intents | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0034 | Testing Object Persistence | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0025 | Testing for Injection Flaws | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0274 | Dependencies with Known Vulnerabilities in the App's SBOM | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0042 | Checking for Weaknesses in Third Party Libraries | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0222 | Position Independent Code (PIC) Not Enabled | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0044 | Make Sure That Free Security Features Are Activated | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0223 | Stack Canaries Not Enabled | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0043 | Memory Corruption Bugs | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0272 | Identify Dependencies with Known Vulnerabilities in the Android Project | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0245 | References to Platform Version APIs | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0015 | Testing the Purposes of Keys | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0013 | Testing Symmetric Cryptography | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0232 | Weak Symmetric Encryption Modes | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0016 | Testing Random Number Generation | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0208 | Inappropriate Key Sizes | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0221 | Weak Symmetric Encryption Algorithms | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0205 | Non-random Sources Usage | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0014 | Testing the Configuration of Cryptographic Standard Algorithms | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0204 | Insecure Random API Usage | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0212 | Use of Hardcoded Cryptographic Keys in Code | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0235 | Android App Configurations Allowing Cleartext Traffic | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0236 | Cleartext Traffic Observed on the Network | platform:network | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0019 | Testing Data Encryption on the Network | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0218 | Insecure TLS Protocols in Network Traffic | platform:network | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0242 | Missing Certificate Pinning in Network Security Configuration | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0023 | Testing the Security Provider | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0217 | Insecure TLS Protocols Explicitly Allowed in Code | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0022 | Testing Custom Certificate Stores and Certificate Pinning | platform:android | profile:L2 | deprecatedstatus:deprecated | |||
| MASTG-TEST-0243 | Expired Certificate Pins in the Network Security Configuration | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0244 | Missing Certificate Pinning in Network Traffic | platform:network | profile:L2 | newstatus:new | |||
| MASTG-TEST-0239 | Using low-level APIs (e.g. Socket) to set up a custom HTTP connection | platform:android | profile:L1 | profile:L2 | placeholderstatus:placeholder | ||
| MASTG-TEST-0234 | SSLSockets not Properly Verifying Hostnames | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0238 | Runtime Use of Network APIs Transmitting Cleartext Traffic | platform:android | profile:L1 | profile:L2 | placeholderstatus:placeholder | ||
| MASTG-TEST-0020 | Testing the TLS Settings | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0021 | Testing Endpoint Identify Verification | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0233 | Hardcoded HTTP URLs | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0237 | Cross-Platform Framework Configurations Allowing Cleartext Traffic | platform:android | profile:L1 | profile:L2 | placeholderstatus:placeholder | ||
| MASTG-TEST-0249 | Runtime Use of Secure Screen Lock Detection APIs | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0047 | Testing File Integrity Checks | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0049 | Testing Emulator Detection | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0225 | Usage of Insecure Signature Key Size | platform:android | profile:R | newstatus:new | |||
| MASTG-TEST-0247 | References to APIs for Detecting Secure Screen Lock | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0041 | Testing for Debugging Code and Verbose Error Logging | platform:android | profile:R | deprecatedstatus:deprecated | |||
| MASTG-TEST-0226 | Debuggable Flag Enabled in the AndroidManifest | platform:android | profile:R | newstatus:new | |||
| MASTG-TEST-0048 | Testing Reverse Engineering Tools Detection | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0224 | Usage of Insecure Signature Version | platform:android | profile:R | newstatus:new | |||
| MASTG-TEST-0045 | Testing Root Detection | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0227 | Debugging Enabled for WebViews | platform:android | profile:R | newstatus:new | |||
| MASTG-TEST-0050 | Testing Runtime Integrity Checks | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0040 | Testing for Debugging Symbols | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0263 | Logging of StrictMode Violations | platform:android | profile:R | newstatus:new | |||
| MASTG-TEST-0038 | Making Sure that the App is Properly Signed | platform:android | profile:R | deprecatedstatus:deprecated | |||
| MASTG-TEST-0051 | Testing Obfuscation | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0264 | Runtime Use of StrictMode APIs | platform:android | profile:R | newstatus:new | |||
| MASTG-TEST-0046 | Testing Anti-Debugging Detection | platform:android | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0039 | Testing whether the App is Debuggable | platform:android | profile:R | deprecatedstatus:deprecated | |||
| MASTG-TEST-0265 | References to StrictMode APIs | platform:android | profile:R | newstatus:new | |||
| MASTG-TEST-0001 | Testing Local Storage for Sensitive Data | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0003 | Testing Logs for Sensitive Data | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0262 | References to Backup Configurations Not Excluding Sensitive Data | platform:android | profile:L1 | profile:L2 | profile:P | newstatus:new | |
| MASTG-TEST-0005 | Determining Whether Sensitive Data Is Shared with Third Parties via Notifications | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0202 | References to APIs and Permissions for Accessing External Storage | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0011 | Testing Memory for Sensitive Data | platform:android | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0207 | Data Stored in the App Sandbox at Runtime | platform:android | profile:L2 | newstatus:new | |||
| MASTG-TEST-0203 | Runtime Use of Logging APIs | platform:android | profile:L1 | profile:L2 | profile:P | newstatus:new | |
| MASTG-TEST-0009 | Testing Backups for Sensitive Data | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0004 | Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services | platform:android | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0201 | Runtime Use of APIs to Access External Storage | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0231 | References to Logging APIs | platform:android | profile:L1 | profile:L2 | profile:P | newstatus:new | |
| MASTG-TEST-0200 | Files Written to External Storage | platform:android | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0012 | Testing the Device-Access-Security Policy | platform:android | profile:L2 | deprecatedstatus:deprecated | |||
| MASTG-TEST-0006 | Determining Whether the Keyboard Cache Is Disabled for Text Input Fields | platform:android | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0216 | Sensitive Data Not Excluded From Backup | platform:android | profile:L1 | profile:L2 | profile:P | newstatus:new | |
| MASTG-TEST-0254 | Dangerous App Permissions | platform:android | profile:P | newstatus:new | |||
| MASTG-TEST-0255 | Permission Requests Not Minimized | platform:android | profile:P | placeholderstatus:placeholder | |||
| MASTG-TEST-0256 | Missing Permission Rationale | platform:android | profile:P | placeholderstatus:placeholder | |||
| MASTG-TEST-0206 | Sensitive Data in Network Traffic Capture | platform:android | profile:P | newstatus:new | |||
| MASTG-TEST-0257 | Not Resetting Unused Permissions | platform:android | profile:P | placeholderstatus:placeholder | |||
| MASTG-TEST-0268 | References to APIs Allowing Fallback to Non-Biometric Authentication | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0271 | Runtime Use Of APIs Detecting Biometric Enrollment Changes | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0270 | References to APIs Detecting Biometric Enrollment Changes | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0269 | Runtime Use Of APIs Allowing Fallback to Non-Biometric Authentication | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0267 | Runtime Use Of Event-Bound Biometric Authentication | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0064 | Testing Biometric Authentication | platform:ios | profile:L2 | deprecatedstatus:deprecated | |||
| MASTG-TEST-0266 | References to APIs for Event-Bound Biometric Authentication | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0072 | Testing App Extensions | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0078 | Determining Whether Native Methods Are Exposed Through WebViews | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0071 | Testing UIActivity Sharing | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0057 | Checking for Sensitive Data Disclosed Through the User Interface | platform:ios | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0075 | Testing Custom URL Schemes | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0077 | Testing WebView Protocol Handlers | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0073 | Testing UIPasteboard | platform:ios | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0277 | Sensitive Data in the iOS General Pasteboard at Runtime | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0076 | Testing iOS WebViews | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0279 | Pasteboard Contents Not Expiring | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0069 | Testing App Permissions | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0059 | Testing Auto-Generated Screenshots for Sensitive Information | platform:ios | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0070 | Testing Universal Links | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0280 | Pasteboard Contents Not Restricted to Local Device | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0278 | Pasteboard Contents Not Cleared After Use | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0276 | Use of the iOS General Pasteboard | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0056 | Determining Whether Sensitive Data Is Exposed via IPC Mechanisms | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0080 | Testing Enforced Updating | platform:ios | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0087 | Make Sure That Free Security Features Are Activated | platform:ios | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0229 | Stack Canaries Not enabled | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0228 | Position Independent Code (PIC) not Enabled | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0085 | Checking for Weaknesses in Third Party Libraries | platform:ios | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0079 | Testing Object Persistence | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0086 | Memory Corruption Bugs | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0230 | Automatic Reference Counting (ARC) not enabled | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0275 | Dependencies with Known Vulnerabilities in the App's SBOM | platform:ios | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0273 | Identify Dependencies with Known Vulnerabilities by Scanning Dependency Managers Artifacts | platform:ios | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0214 | Hardcoded Cryptographic Keys in Files | platform:ios | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0062 | Testing Key Management | platform:ios | profile:L2 | deprecatedstatus:deprecated | |||
| MASTG-TEST-0213 | Use of Hardcoded Cryptographic Keys in Code | platform:ios | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0211 | Weak Hashing Algorithms | platform:ios | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0210 | Weak Encryption Algorithms | platform:ios | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0063 | Testing Random Number Generation | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0209 | Inappropriate Key Sizes | platform:ios | profile:L1 | profile:L2 | newstatus:new | ||
| MASTG-TEST-0061 | Verifying the Configuration of Cryptographic Standard Algorithms | platform:ios | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0066 | Testing the TLS Settings | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0068 | Testing Custom Certificate Stores and Certificate Pinning | platform:ios | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0065 | Testing Data Encryption on the Network | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0067 | Testing Endpoint Identity Verification | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0219 | Testing for Debugging Symbols | platform:ios | profile:R | newstatus:new | |||
| MASTG-TEST-0240 | Jailbreak Detection in Code | platform:ios | profile:R | newstatus:new | |||
| MASTG-TEST-0088 | Testing Jailbreak Detection | platform:ios | profile:R | deprecatedstatus:deprecated | |||
| MASTG-TEST-0220 | Usage of Outdated Code Signature Format | platform:ios | profile:R | newstatus:new | |||
| MASTG-TEST-0093 | Testing Obfuscation | platform:ios | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0092 | Testing Emulator Detection | platform:ios | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0083 | Testing for Debugging Symbols | platform:ios | profile:R | deprecatedstatus:deprecated | |||
| MASTG-TEST-0081 | Making Sure that the App Is Properly Signed | platform:ios | profile:R | deprecatedstatus:deprecated | |||
| MASTG-TEST-0261 | Debuggable Entitlement Enabled in the entitlements.plist | platform:ios | profile:R | newstatus:new | |||
| MASTG-TEST-0091 | Testing Reverse Engineering Tools Detection | platform:ios | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0084 | Testing for Debugging Code and Verbose Error Logging | platform:ios | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0246 | Runtime Use of Secure Screen Lock Detection APIs | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0241 | Runtime Use of Jailbreak Detection Techniques | platform:ios | profile:R | newstatus:new | |||
| MASTG-TEST-0089 | Testing Anti-Debugging Detection | platform:ios | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0090 | Testing File Integrity Checks | platform:ios | profile:R | update-pendingstatus:update-pending | |||
| MASTG-TEST-0082 | Testing whether the App is Debuggable | platform:ios | profile:R | deprecatedstatus:deprecated | |||
| MASTG-TEST-0248 | References to APIs for Detecting Secure Screen Lock | platform:ios | profile:L2 | newstatus:new | |||
| MASTG-TEST-0055 | Finding Sensitive Data in the Keyboard Cache | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0052 | Testing Local Data Storage | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0215 | Sensitive Data Not Excluded From Backup | platform:ios | profile:L1 | profile:L2 | profile:P | newstatus:new | |
| MASTG-TEST-0053 | Checking Logs for Sensitive Data | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0060 | Testing Memory for Sensitive Data | platform:ios | profile:L2 | update-pendingstatus:update-pending | |||
| MASTG-TEST-0058 | Testing Backups for Sensitive Data | platform:ios | profile:L1 | profile:L2 | update-pendingstatus:update-pending | ||
| MASTG-TEST-0054 | Determining Whether Sensitive Data Is Shared with Third Parties | platform:ios | profile:L1 | profile:L2 | deprecatedstatus:deprecated | ||
| MASTG-TEST-0281 | Undeclared Known Tracking Domains | platform:ios | profile:P | newstatus:new |