Writing Content

This section contains comprehensive guidelines for writing MASTG (Mobile Application Security Testing Guide) components. These guidelines are used by contributors and AI assistants to ensure consistency, quality, and completeness of the MASTG content.

The MASTG project includes various types of content, each with specific requirements and formatting guidelines. Use these resources to understand how to properly structure and write each type of content.

Available Guidelines

The following writing guidelines are available:

Core Content Types

• Tests - Guidelines for writing security tests that validate MASWE weaknesses
• Demos - Guidelines for creating demonstrative examples with working code samples
• Knowledge - Guidelines for writing knowledge articles about mobile security concepts
• Techniques - Guidelines for documenting security testing techniques
• Tools - Guidelines for documenting security testing tools
• Apps - Guidelines for documenting test applications
• Best Practices - Guidelines for writing security best practices and mitigations
• Rules - Guidelines for writing static analysis rules

Scripts and Automation

• Frida Scripts - Guidelines for writing Frida instrumentation scripts
• Frooky Hooks - Guidelines for writing Frooky hooks
• MITMProxy Scripts - Guidelines for writing MITMProxy scripts for network analysis
• Radare2 Scripts - Guidelines for writing Radare2 scripts for reverse engineering

General Guidelines

• Markdown - General markdown formatting guidelines for MASTG content
• Porting MASTG v1 Tests to v2 - Guidelines for migrating legacy tests to the new format

Before You Start

Before contributing content:

1. Read the relevant guidelines for the type of content you're writing
2. Review existing examples linked in each guideline document
3. Understand the structure and required metadata for your content type
4. Test your content (especially for demos and scripts) to ensure it works correctly
5. Follow the Style Guide for general writing and formatting conventions

Getting Help

If you have questions about writing content or need clarification on these guidelines:

• Review the Contributing Guidelines
• Ask in the MASTG Discussions
• Contact the project maintainers

Content Quality Standards

All contributed content must meet the MASTG quality standards:

• Accuracy: Content must be technically correct and thoroughly tested
• Completeness: All required sections and metadata must be included
• Clarity: Writing should be clear, concise, and easy to understand
• Reproducibility: Examples, demos, and scripts must be reproducible
• Relevance: Content must be relevant to mobile application security testing
• Maintenance: Content should be maintainable and up-to-date with current mobile platforms

These guidelines ensure that the MASTG remains a high-quality, authoritative resource for mobile application security testing.