Skip to content

MASTG-TEST-0231: References to Logging APIs

Overview

This test verifies if an app uses logging APIs like android.util.Log, Log, Logger, System.out.print, System.err.print, and java.lang.Throwable#printStackTrace.

Steps

  1. Use Reverse Engineering Android Apps to reverse engineer the app.
  2. Use Static Analysis on Android to look for the relevant APIs.

Observation

The output should contain a list of locations where logging APIs are used.

Evaluation

The test case fails if an app logs sensitive information from any of the listed locations.

Best Practices

MASTG-BEST-0002: Remove Logging Code