MASVS-RESILIENCE

Temporary Checklist

This checklist contains the old MASVS v1 verification levels (L1, L2 and R) which we are currently reworking into "security testing profiles". The levels were assigned according to the MASVS v1 ID that the test was previously covering and might differ in the upcoming version of the MASTG and MAS Checklist.

For the upcoming of the MASTG version we will progressively split the MASTG tests into smaller tests, the so-called "atomic tests" and assign the new MAS profiles to their respective MASWE weaknesses.

MASVS-ID	Platform	Control / MASTG Test	L1	L2	R
MASVS-RESILIENCE-1		The app validates the integrity of the platform.
	platform:android	Testing Emulator Detection			profile:R
	platform:android	Testing Root Detection			profile:R
	platform:ios	Testing Emulator Detection			profile:R
	platform:ios	Testing Jailbreak Detection			profile:R
MASVS-RESILIENCE-2		The app implements anti-tampering mechanisms.
	platform:android	Testing Runtime Integrity Checks			profile:R
	platform:android	Testing File Integrity Checks			profile:R
	platform:android	Making Sure that the App is Properly Signed			profile:R
	platform:ios	Testing File Integrity Checks			profile:R
	platform:ios	Making Sure that the App Is Properly Signed			profile:R
MASVS-RESILIENCE-3		The app implements anti-static analysis mechanisms.
	platform:android	Testing Obfuscation			profile:R
	platform:android	Testing for Debugging Code and Verbose Error Logging			profile:R
	platform:android	Testing for Debugging Symbols			profile:R
	platform:ios	Testing for Debugging Code and Verbose Error Logging			profile:R
	platform:ios	Testing for Debugging Symbols			profile:R
	platform:ios	Testing Obfuscation			profile:R
MASVS-RESILIENCE-4		The app implements anti-dynamic analysis techniques.
	platform:android	Testing whether the App is Debuggable			profile:R
	platform:android	Testing Anti-Debugging Detection			profile:R
	platform:android	Testing Reverse Engineering Tools Detection			profile:R
	platform:ios	Testing Reverse Engineering Tools Detection			profile:R
	platform:ios	Testing whether the App is Debuggable			profile:R
	platform:ios	Testing Anti-Debugging Detection			profile:R