Tags
¶
- MASWE-0001: Insertion of Sensitive Data into Logs
- MASWE-0002: Sensitive Data Stored With Insufficient Access Restrictions in Internal Locations
- MASWE-0004: Sensitive Data Not Excluded From Backup
- MASWE-0005: API Keys Hardcoded in the App Package
- MASWE-0007: Sensitive Data Stored Unencrypted in Shared Storage Requiring No User Interaction
- MASWE-0009: Weak Cryptographic Key Generation
- MASWE-0010: Weak Cryptographic Key Derivation
- MASWE-0014: Cryptographic Keys Not Properly Protected at Rest
- MASWE-0020: Weak Encryption
- MASWE-0021: Weak Hashing
- MASWE-0022: Predictable Initialization Vectors (IVs)
- MASWE-0023: Weak Padding
- MASWE-0024: Weak Message Authentication Codes (MAC)
- MASWE-0025: Weak Signature
- MASWE-0026: Improper Verification of Cryptographic Signature
- MASWE-0027: Cryptographically Weak Pseudo-Random Number Generator (PRNG)
- MASWE-0036: Authentication Material Stored Unencrypted on the Device
- MASWE-0037: Authentication Material Sent over Insecure Connections
- MASWE-0038: Authentication Tokens Not Validated
- MASWE-0040: Insecure Authentication in WebViews
- MASWE-0041: Authentication Enforced Only Locally Instead of on the Server-side
- MASWE-0042: Authorization Enforced Only Locally Instead of on the Server-side
- MASWE-0048: Insecure Machine-to-Machine Communication
- MASWE-0050: Cleartext Traffic
- MASWE-0052: Insecure Certificate Validation
- MASWE-0057: StrandHogg Attack / Task Affinity Vulnerability
- MASWE-0058: Insecure Deep Links
- MASWE-0059: Use Of Unauthenticated Platform IPC
- MASWE-0060: Insecure Use of UIActivity
- MASWE-0061: Insecure Use of App Extensions
- MASWE-0062: Insecure Services
- MASWE-0063: Insecure Broadcast Receivers
- MASWE-0064: Insecure Content Providers
- MASWE-0065: Sensitive Data Permanently Shared with Other Apps
- MASWE-0066: Insecure Intents
- MASWE-0068: JavaScript Bridges in WebViews
- MASWE-0069: WebViews Allows Access to Local Resources
- MASWE-0070: JavaScript Loaded from Untrusted Sources
- MASWE-0071: WebViews Loading Content from Untrusted Sources
- MASWE-0072: Universal XSS
- MASWE-0076: Dependencies with Known Vulnerabilities
- MASWE-0079: Unsafe Handling of Data from the Network
- MASWE-0080: Unsafe Handling of Data from Backups
- MASWE-0081: Unsafe Handling Of Data From External Interfaces
- MASWE-0082: Unsafe Handling of Data From Local Storage
- MASWE-0083: Unsafe Handling of Data From The User Interface
- MASWE-0084: Unsafe Handling of Data from IPC
- MASWE-0086: SQL Injection
¶
- MASWE-0001: Insertion of Sensitive Data into Logs
- MASWE-0002: Sensitive Data Stored With Insufficient Access Restrictions in Internal Locations
- MASWE-0003: Backup Unencrypted
- MASWE-0004: Sensitive Data Not Excluded From Backup
- MASWE-0005: API Keys Hardcoded in the App Package
- MASWE-0006: Sensitive Data Stored Unencrypted in Private Storage Locations
- MASWE-0007: Sensitive Data Stored Unencrypted in Shared Storage Requiring No User Interaction
- MASWE-0008: Missing Device Secure Lock Verification Implementation
- MASWE-0009: Weak Cryptographic Key Generation
- MASWE-0010: Weak Cryptographic Key Derivation
- MASWE-0011: Cryptographic Key Rotation Not Implemented
- MASWE-0012: Insecure or Wrong Usage of Cryptographic Key
- MASWE-0014: Cryptographic Keys Not Properly Protected at Rest
- MASWE-0015: Deprecated Android KeyStore Implementations
- MASWE-0016: Unsafe Handling of Imported Cryptographic Keys
- MASWE-0017: Cryptographic Keys Not Properly Protected on Export
- MASWE-0018: Cryptographic Keys Access Not Restricted
- MASWE-0019: Potentially Weak Cryptography Implementations
- MASWE-0020: Weak Encryption
- MASWE-0021: Weak Hashing
- MASWE-0022: Predictable Initialization Vectors (IVs)
- MASWE-0023: Weak Padding
- MASWE-0024: Weak Message Authentication Codes (MAC)
- MASWE-0025: Weak Signature
- MASWE-0026: Improper Verification of Cryptographic Signature
- MASWE-0027: Cryptographically Weak Pseudo-Random Number Generator (PRNG)
- MASWE-0028: MFA Implementation Best Practices Not Followed
- MASWE-0029: Step-Up Authentication Not Implemented After Login
- MASWE-0030: Re-Authenticates Not Triggered On Contextual State Changes
- MASWE-0031: Insecure use of Android Protected Confirmation
- MASWE-0032: Platform-provided Authentication APIs Not Used
- MASWE-0033: Authentication or Authorization Protocol Security Best Practices Not Followed
- MASWE-0034: Insecure Implementation of Confirm Credentials
- MASWE-0035: Passwordless Authentication Not Implemented
- MASWE-0036: Authentication Material Stored Unencrypted on the Device
- MASWE-0037: Authentication Material Sent over Insecure Connections
- MASWE-0038: Authentication Tokens Not Validated
- MASWE-0039: Shared Web Credentials and Website-association Not Implemented
- MASWE-0040: Insecure Authentication in WebViews
- MASWE-0041: Authentication Enforced Only Locally Instead of on the Server-side
- MASWE-0042: Authorization Enforced Only Locally Instead of on the Server-side
- MASWE-0043: App Custom PIN Not Bound to Platform KeyStore
- MASWE-0044: Biometric Authentication Can Be Bypassed
- MASWE-0045: Fallback to Non-biometric Credentials Allowed for Sensitive Transactions
- MASWE-0046: Crypto Keys Not Invalidated on New Biometric Enrollment
- MASWE-0047: Insecure Identity Pinning
- MASWE-0048: Insecure Machine-to-Machine Communication
- MASWE-0049: Proven Networking APIs Not used
- MASWE-0050: Cleartext Traffic
- MASWE-0051: Unprotected Open Ports
- MASWE-0052: Insecure Certificate Validation
- MASWE-0053: Sensitive Data Leaked via the User Interface
- MASWE-0054: Sensitive Data Leaked via Notifications
- MASWE-0055: Sensitive Data Leaked via Screenshots
- MASWE-0056: Tapjacking Attacks
- MASWE-0057: StrandHogg Attack / Task Affinity Vulnerability
- MASWE-0058: Insecure Deep Links
- MASWE-0059: Use Of Unauthenticated Platform IPC
- MASWE-0060: Insecure Use of UIActivity
- MASWE-0061: Insecure Use of App Extensions
- MASWE-0062: Insecure Services
- MASWE-0063: Insecure Broadcast Receivers
- MASWE-0064: Insecure Content Providers
- MASWE-0065: Sensitive Data Permanently Shared with Other Apps
- MASWE-0066: Insecure Intents
- MASWE-0068: JavaScript Bridges in WebViews
- MASWE-0069: WebViews Allows Access to Local Resources
- MASWE-0070: JavaScript Loaded from Untrusted Sources
- MASWE-0071: WebViews Loading Content from Untrusted Sources
- MASWE-0072: Universal XSS
- MASWE-0073: Insecure WebResourceResponse Implementations
- MASWE-0074: Web Content Debugging Enabled
- MASWE-0075: Enforced Updating Not Implemented
- MASWE-0076: Dependencies with Known Vulnerabilities
- MASWE-0077: Running on a recent Platform Version Not Ensured
- MASWE-0078: Latest Platform Version Not Targeted
- MASWE-0079: Unsafe Handling of Data from the Network
- MASWE-0080: Unsafe Handling of Data from Backups
- MASWE-0081: Unsafe Handling Of Data From External Interfaces
- MASWE-0082: Unsafe Handling of Data From Local Storage
- MASWE-0083: Unsafe Handling of Data From The User Interface
- MASWE-0084: Unsafe Handling of Data from IPC
- MASWE-0085: Unsafe Dynamic Code Loading
- MASWE-0086: SQL Injection
- MASWE-0087: Insecure Parsing and Escaping
- MASWE-0088: Insecure Object Deserialization
- MASWE-0116: Compiler Provided Security Features Not Used
¶
- MASTG-DEMO-0003: App Writing to External Storage without Scoped Storage Restrictions
- MASTG-DEMO-0004: App Writing to External Storage with Scoped Storage Restrictions
- MASTG-DEMO-0005: App Writing to External Storage via the MediaStore API
¶
- MASTG-DEMO-0015: Uses of Insecure Hashing Algorithms in CommonCrypto with r2
- MASTG-DEMO-0016: Uses of Insecure Hashing Algorithms in CryptoKit with r2
¶
- MASTG-DEMO-0013: Use of Hardcoded RSA Private Key in SecKeyCreateWithData with r2
- MASTG-DEMO-0014: Use of Hardcoded ECDSA Private Key in CryptoKit with r2
¶
- MASTG-DEMO-0020: Data Exclusion using backup_rules.xml with Backup Manager
- MASTG-DEMO-0035: Data Exclusion using backup_rules.xml with adb backup
¶
- MASTG-DEMO-0048: SSLSocket Connection to Wrong Host Server Allowed by Lack of HostnameVerifier
- MASTG-DEMO-0049: SSLSocket Connection to Wrong Host Server Blocked by HostnameVerifier
¶
- MASTG-DEMO-0041: Uses of LAContext.evaluatePolicy with r2
- MASTG-DEMO-0047: Runtime Use of the Keychain Not Requiring User Presence with Frida
¶
- MASTG-DEMO-0050: Identifying Insecure Dependencies in Android Studio
- MASTG-DEMO-0051: Identifying Insecure Dependencies through SBOM Creation
¶
- MASTG-DEMO-0052: Scanning Package Manager Artifacts for Insecure iOS Dependencies
- MASTG-DEMO-0053: Identifying Insecure Dependencies in SwiftPM through SBOM creation
¶
- MASWE-0005: API Keys Hardcoded in the App Package
- MASWE-0032: Platform-provided Authentication APIs Not Used
- MASWE-0033: Authentication or Authorization Protocol Security Best Practices Not Followed
- MASWE-0034: Insecure Implementation of Confirm Credentials
- MASWE-0035: Passwordless Authentication Not Implemented
- MASWE-0036: Authentication Material Stored Unencrypted on the Device
- MASWE-0037: Authentication Material Sent over Insecure Connections
- MASWE-0038: Authentication Tokens Not Validated
- MASWE-0039: Shared Web Credentials and Website-association Not Implemented
- MASWE-0040: Insecure Authentication in WebViews
¶
- MASTG-TEST-0017: Testing Confirm Credentials
- MASTG-TEST-0018: Testing Biometric Authentication
- MASTG-TEST-0064: Testing Biometric Authentication
- MASWE-0018: Cryptographic Keys Access Not Restricted
- MASWE-0041: Authentication Enforced Only Locally Instead of on the Server-side
- MASWE-0042: Authorization Enforced Only Locally Instead of on the Server-side
- MASWE-0043: App Custom PIN Not Bound to Platform KeyStore
- MASWE-0044: Biometric Authentication Can Be Bypassed
- MASWE-0045: Fallback to Non-biometric Credentials Allowed for Sensitive Transactions
- MASWE-0046: Crypto Keys Not Invalidated on New Biometric Enrollment
¶
- MASWE-0018: Cryptographic Keys Access Not Restricted
- MASWE-0028: MFA Implementation Best Practices Not Followed
- MASWE-0029: Step-Up Authentication Not Implemented After Login
- MASWE-0030: Re-Authenticates Not Triggered On Contextual State Changes
- MASWE-0031: Insecure use of Android Protected Confirmation
¶
- MASWE-0056: Tapjacking Attacks
- MASWE-0077: Running on a recent Platform Version Not Ensured
- MASWE-0078: Latest Platform Version Not Targeted
¶
- MASTG-TEST-0036: Testing Enforced Updating
- MASTG-TEST-0080: Testing Enforced Updating
- MASWE-0075: Enforced Updating Not Implemented
¶
- MASTG-TEST-0042: Checking for Weaknesses in Third Party Libraries
- MASTG-TEST-0085: Checking for Weaknesses in Third Party Libraries
- MASWE-0015: Deprecated Android KeyStore Implementations
- MASWE-0019: Potentially Weak Cryptography Implementations
- MASWE-0032: Platform-provided Authentication APIs Not Used
- MASWE-0049: Proven Networking APIs Not used
- MASWE-0076: Dependencies with Known Vulnerabilities
- MASWE-0116: Compiler Provided Security Features Not Used
¶
- MASTG-TEST-0002: Testing Local Storage for Input Validation
- MASTG-TEST-0025: Testing for Injection Flaws
- MASTG-TEST-0026: Testing Implicit Intents
- MASTG-TEST-0027: Testing for URL Loading in WebViews
- MASTG-TEST-0034: Testing Object Persistence
- MASTG-TEST-0043: Memory Corruption Bugs
- MASTG-TEST-0044: Make Sure That Free Security Features Are Activated
- MASTG-TEST-0079: Testing Object Persistence
- MASTG-TEST-0086: Memory Corruption Bugs
- MASTG-TEST-0087: Make Sure That Free Security Features Are Activated
- MASWE-0016: Unsafe Handling of Imported Cryptographic Keys
- MASWE-0038: Authentication Tokens Not Validated
- MASWE-0058: Insecure Deep Links
- MASWE-0070: JavaScript Loaded from Untrusted Sources
- MASWE-0071: WebViews Loading Content from Untrusted Sources
- MASWE-0072: Universal XSS
- MASWE-0073: Insecure WebResourceResponse Implementations
- MASWE-0079: Unsafe Handling of Data from the Network
- MASWE-0080: Unsafe Handling of Data from Backups
- MASWE-0081: Unsafe Handling Of Data From External Interfaces
- MASWE-0082: Unsafe Handling of Data From Local Storage
- MASWE-0083: Unsafe Handling of Data From The User Interface
- MASWE-0084: Unsafe Handling of Data from IPC
- MASWE-0085: Unsafe Dynamic Code Loading
- MASWE-0086: SQL Injection
- MASWE-0087: Insecure Parsing and Escaping
- MASWE-0088: Insecure Object Deserialization
- MASWE-0105: Integrity of App Resources Not Verified
- MASWE-0116: Compiler Provided Security Features Not Used
¶
- MASTG-TEST-0013: Testing Symmetric Cryptography
- MASTG-TEST-0014: Testing the Configuration of Cryptographic Standard Algorithms
- MASTG-TEST-0016: Testing Random Number Generation
- MASTG-TEST-0061: Verifying the Configuration of Cryptographic Standard Algorithms
- MASTG-TEST-0063: Testing Random Number Generation
- MASWE-0019: Potentially Weak Cryptography Implementations
- MASWE-0020: Weak Encryption
- MASWE-0021: Weak Hashing
- MASWE-0022: Predictable Initialization Vectors (IVs)
- MASWE-0023: Weak Padding
- MASWE-0024: Weak Message Authentication Codes (MAC)
- MASWE-0025: Weak Signature
- MASWE-0026: Improper Verification of Cryptographic Signature
- MASWE-0027: Cryptographically Weak Pseudo-Random Number Generator (PRNG)
¶
- MASTG-TEST-0015: Testing the Purposes of Keys
- MASTG-TEST-0062: Testing Key Management
- MASWE-0006: Sensitive Data Stored Unencrypted in Private Storage Locations
- MASWE-0009: Weak Cryptographic Key Generation
- MASWE-0010: Weak Cryptographic Key Derivation
- MASWE-0011: Cryptographic Key Rotation Not Implemented
- MASWE-0012: Insecure or Wrong Usage of Cryptographic Key
- MASWE-0013: Hardcoded Cryptographic Keys in Use
- MASWE-0014: Cryptographic Keys Not Properly Protected at Rest
- MASWE-0015: Deprecated Android KeyStore Implementations
- MASWE-0016: Unsafe Handling of Imported Cryptographic Keys
- MASWE-0017: Cryptographic Keys Not Properly Protected on Export
- MASWE-0018: Cryptographic Keys Access Not Restricted
- MASWE-0043: App Custom PIN Not Bound to Platform KeyStore
- MASWE-0046: Crypto Keys Not Invalidated on New Biometric Enrollment
¶
- MASTG-TEST-0019: Testing Data Encryption on the Network
- MASTG-TEST-0020: Testing the TLS Settings
- MASTG-TEST-0021: Testing Endpoint Identify Verification
- MASTG-TEST-0023: Testing the Security Provider
- MASTG-TEST-0065: Testing Data Encryption on the Network
- MASTG-TEST-0066: Testing the TLS Settings
- MASTG-TEST-0067: Testing Endpoint Identity Verification
- MASWE-0017: Cryptographic Keys Not Properly Protected on Export
- MASWE-0037: Authentication Material Sent over Insecure Connections
- MASWE-0048: Insecure Machine-to-Machine Communication
- MASWE-0049: Proven Networking APIs Not used
- MASWE-0050: Cleartext Traffic
- MASWE-0051: Unprotected Open Ports
- MASWE-0052: Insecure Certificate Validation
- MASWE-0096: Data Sent Unencrypted Over Encrypted Connections
¶
- MASTG-TEST-0022: Testing Custom Certificate Stores and Certificate Pinning
- MASTG-TEST-0068: Testing Custom Certificate Stores and Certificate Pinning
- MASWE-0047: Insecure Identity Pinning
¶
- MASTG-TEST-0007: Determining Whether Sensitive Stored Data Has Been Exposed via IPC Mechanisms
- MASTG-TEST-0024: Testing for App Permissions
- MASTG-TEST-0028: Testing Deep Links
- MASTG-TEST-0029: Testing for Sensitive Functionality Exposure Through IPC
- MASTG-TEST-0030: Testing for Vulnerable Implementation of PendingIntent
- MASTG-TEST-0056: Determining Whether Sensitive Data Is Exposed via IPC Mechanisms
- MASTG-TEST-0069: Testing App Permissions
- MASTG-TEST-0070: Testing Universal Links
- MASTG-TEST-0071: Testing UIActivity Sharing
- MASTG-TEST-0072: Testing App Extensions
- MASTG-TEST-0073: Testing UIPasteboard
- MASTG-TEST-0075: Testing Custom URL Schemes
- MASWE-0039: Shared Web Credentials and Website-association Not Implemented
- MASWE-0058: Insecure Deep Links
- MASWE-0059: Use Of Unauthenticated Platform IPC
- MASWE-0060: Insecure Use of UIActivity
- MASWE-0061: Insecure Use of App Extensions
- MASWE-0062: Insecure Services
- MASWE-0063: Insecure Broadcast Receivers
- MASWE-0064: Insecure Content Providers
- MASWE-0065: Sensitive Data Permanently Shared with Other Apps
- MASWE-0066: Insecure Intents
- MASWE-0084: Unsafe Handling of Data from IPC
¶
- MASTG-TEST-0031: Testing JavaScript Execution in WebViews
- MASTG-TEST-0032: Testing WebView Protocol Handlers
- MASTG-TEST-0033: Testing for Java Objects Exposed Through WebViews
- MASTG-TEST-0037: Testing WebViews Cleanup
- MASTG-TEST-0076: Testing iOS WebViews
- MASTG-TEST-0077: Testing WebView Protocol Handlers
- MASTG-TEST-0078: Determining Whether Native Methods Are Exposed Through WebViews
- MASWE-0040: Insecure Authentication in WebViews
- MASWE-0068: JavaScript Bridges in WebViews
- MASWE-0069: WebViews Allows Access to Local Resources
- MASWE-0070: JavaScript Loaded from Untrusted Sources
- MASWE-0071: WebViews Loading Content from Untrusted Sources
- MASWE-0072: Universal XSS
- MASWE-0073: Insecure WebResourceResponse Implementations
- MASWE-0074: Web Content Debugging Enabled
¶
- MASTG-TEST-0008: Checking for Sensitive Data Disclosure Through the User Interface
- MASTG-TEST-0010: Finding Sensitive Information in Auto-Generated Screenshots
- MASTG-TEST-0035: Testing for Overlay Attacks
- MASTG-TEST-0057: Checking for Sensitive Data Disclosed Through the User Interface
- MASTG-TEST-0059: Testing Auto-Generated Screenshots for Sensitive Information
- MASWE-0029: Step-Up Authentication Not Implemented After Login
- MASWE-0053: Sensitive Data Leaked via the User Interface
- MASWE-0054: Sensitive Data Leaked via Notifications
- MASWE-0055: Sensitive Data Leaked via Screenshots
- MASWE-0056: Tapjacking Attacks
- MASWE-0057: StrandHogg Attack / Task Affinity Vulnerability
- MASWE-0083: Unsafe Handling of Data From The User Interface
¶
- MASWE-0001: Insertion of Sensitive Data into Logs
- MASWE-0003: Backup Unencrypted
- MASWE-0004: Sensitive Data Not Excluded From Backup
- MASWE-0108: Sensitive Data in Network Traffic
- MASWE-0117: Inadequate Permission Management
¶
- MASWE-0109: Lack of Anonymization or Pseudonymisation Measures
- MASWE-0110: Use of Unique Identifiers for User Tracking
¶
- MASWE-0113: Lack of Proper Data Management Controls
- MASWE-0114: Inadequate Data Visibility Controls
- MASWE-0115: Inadequate or Ambiguous User Consent Mechanisms
¶
- Android Anti-Reversing Defenses
- Mobile App Tampering and Reverse Engineering
- iOS Anti-Reversing Defenses
¶
- MASTG-TEST-0045: Testing Root Detection
- MASTG-TEST-0049: Testing Emulator Detection
- MASTG-TEST-0088: Testing Jailbreak Detection
- MASTG-TEST-0092: Testing Emulator Detection
- MASWE-0008: Missing Device Secure Lock Verification Implementation
- MASWE-0097: Root/Jailbreak Detection Not Implemented
- MASWE-0098: App Virtualization Environment Detection Not Implemented
- MASWE-0099: Emulator Detection Not Implemented
- MASWE-0100: Device Attestation Not Implemented
¶
- MASTG-TEST-0038: Making Sure that the App is Properly Signed
- MASTG-TEST-0047: Testing File Integrity Checks
- MASTG-TEST-0050: Testing Runtime Integrity Checks
- MASTG-TEST-0081: Making Sure that the App Is Properly Signed
- MASTG-TEST-0090: Testing File Integrity Checks
- MASWE-0104: App Integrity Not Verified
- MASWE-0105: Integrity of App Resources Not Verified
- MASWE-0106: Official Store Verification Not Implemented
- MASWE-0107: Runtime Code Integrity Not Verified
¶
- MASTG-TEST-0040: Testing for Debugging Symbols
- MASTG-TEST-0041: Testing for Debugging Code and Verbose Error Logging
- MASTG-TEST-0051: Testing Obfuscation
- MASTG-TEST-0083: Testing for Debugging Symbols
- MASTG-TEST-0084: Testing for Debugging Code and Verbose Error Logging
- MASTG-TEST-0093: Testing Obfuscation
- MASWE-0089: Code Obfuscation Not Implemented
- MASWE-0090: Resource Obfuscation Not Implemented
- MASWE-0091: Anti-Deobfuscation Techniques Not Implemented
- MASWE-0092: Static Analysis Tools Not Prevented
- MASWE-0093: Debugging Symbols Not Removed
- MASWE-0094: Non-Production Resources Not Removed
- MASWE-0095: Code That Disables Security Controls Not Removed
- MASWE-0096: Data Sent Unencrypted Over Encrypted Connections
¶
- MASTG-TEST-0039: Testing whether the App is Debuggable
- MASTG-TEST-0046: Testing Anti-Debugging Detection
- MASTG-TEST-0048: Testing Reverse Engineering Tools Detection
- MASTG-TEST-0082: Testing whether the App is Debuggable
- MASTG-TEST-0089: Testing Anti-Debugging Detection
- MASTG-TEST-0091: Testing Reverse Engineering Tools Detection
- MASWE-0067: Debuggable Flag Not Disabled
- MASWE-0074: Web Content Debugging Enabled
- MASWE-0101: Debugger Detection Not Implemented
- MASWE-0102: Dynamic Analysis Tools Detection Not Implemented
- MASWE-0103: RASP Techniques Not Implemented
¶
- MASTG-TEST-0001: Testing Local Storage for Sensitive Data
- MASTG-TEST-0012: Testing the Device-Access-Security Policy
- MASTG-TEST-0052: Testing Local Data Storage
- MASWE-0006: Sensitive Data Stored Unencrypted in Private Storage Locations
- MASWE-0007: Sensitive Data Stored Unencrypted in Shared Storage Requiring No User Interaction
- MASWE-0014: Cryptographic Keys Not Properly Protected at Rest
- MASWE-0017: Cryptographic Keys Not Properly Protected on Export
- MASWE-0035: Passwordless Authentication Not Implemented
- MASWE-0036: Authentication Material Stored Unencrypted on the Device
- MASWE-0064: Insecure Content Providers
- MASWE-0065: Sensitive Data Permanently Shared with Other Apps
¶
- MASTG-TEST-0003: Testing Logs for Sensitive Data
- MASTG-TEST-0004: Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services
- MASTG-TEST-0005: Determining Whether Sensitive Data Is Shared with Third Parties via Notifications
- MASTG-TEST-0006: Determining Whether the Keyboard Cache Is Disabled for Text Input Fields
- MASTG-TEST-0009: Testing Backups for Sensitive Data
- MASTG-TEST-0011: Testing Memory for Sensitive Data
- MASTG-TEST-0053: Checking Logs for Sensitive Data
- MASTG-TEST-0054: Determining Whether Sensitive Data Is Shared with Third Parties
- MASTG-TEST-0055: Finding Sensitive Data in the Keyboard Cache
- MASTG-TEST-0058: Testing Backups for Sensitive Data
- MASTG-TEST-0060: Testing Memory for Sensitive Data
- MASWE-0001: Insertion of Sensitive Data into Logs
- MASWE-0002: Sensitive Data Stored With Insufficient Access Restrictions in Internal Locations
- MASWE-0003: Backup Unencrypted
- MASWE-0004: Sensitive Data Not Excluded From Backup
- MASWE-0053: Sensitive Data Leaked via the User Interface
- MASWE-0054: Sensitive Data Leaked via Notifications
- MASWE-0055: Sensitive Data Leaked via Screenshots
- MASWE-0058: Insecure Deep Links
- MASWE-0059: Use Of Unauthenticated Platform IPC
- MASWE-0060: Insecure Use of UIActivity
- MASWE-0061: Insecure Use of App Extensions
- MASWE-0062: Insecure Services
- MASWE-0063: Insecure Broadcast Receivers
- MASWE-0066: Insecure Intents
- MASWE-0068: JavaScript Bridges in WebViews
- MASWE-0069: WebViews Allows Access to Local Resources
¶
- MASTG-TEST-0215: Sensitive Data Not Excluded From Backup
- MASTG-TEST-0216: Sensitive Data Not Excluded From Backup
- MASTG-TEST-0262: References to Backup Configurations Not Excluding Sensitive Data
¶
- MASTG-TEST-0200: Files Written to External Storage
- MASTG-TEST-0201: Runtime Use of APIs to Access External Storage
- MASTG-TEST-0202: References to APIs and Permissions for Accessing External Storage
¶
- MASTG-TEST-0246: Runtime Use of Secure Screen Lock Detection APIs
- MASTG-TEST-0247: References to APIs for Detecting Secure Screen Lock
- MASTG-TEST-0248: References to APIs for Detecting Secure Screen Lock
- MASTG-TEST-0249: Runtime Use of Secure Screen Lock Detection APIs
¶
- MASTG-TEST-0212: Use of Hardcoded Cryptographic Keys in Code
- MASTG-TEST-0213: Use of Hardcoded Cryptographic Keys in Code
- MASTG-TEST-0214: Hardcoded Cryptographic Keys in Files
¶
- MASTG-TEST-0210: Weak Encryption Algorithms
- MASTG-TEST-0221: Weak Symmetric Encryption Algorithms
- MASTG-TEST-0232: Weak Symmetric Encryption Modes
¶
- MASTG-TEST-0266: References to APIs for Event-Bound Biometric Authentication
- MASTG-TEST-0267: Runtime Use Of Event-Bound Biometric Authentication
¶
- MASTG-TEST-0268: References to APIs Allowing Fallback to Non-Biometric Authentication
- MASTG-TEST-0269: Runtime Use Of APIs Allowing Fallback to Non-Biometric Authentication
¶
- MASTG-TEST-0270: References to APIs Detecting Biometric Enrollment Changes
- MASTG-TEST-0271: Runtime Use Of APIs Detecting Biometric Enrollment Changes
¶
- MASTG-TEST-0242: Missing Certificate Pinning in Network Security Configuration
- MASTG-TEST-0243: Expired Certificate Pins in the Network Security Configuration
- MASTG-TEST-0244: Missing Certificate Pinning in Network Traffic
¶
- MASTG-TEST-0217: Insecure TLS Protocols Explicitly Allowed in Code
- MASTG-TEST-0218: Insecure TLS Protocols in Network Traffic
- MASTG-TEST-0233: Hardcoded HTTP URLs
- MASTG-TEST-0235: Android App Configurations Allowing Cleartext Traffic
- MASTG-TEST-0236: Cleartext Traffic Observed on the Network
- MASTG-TEST-0237: Cross-Platform Framework Configurations Allowing Cleartext Traffic
- MASTG-TEST-0238: Runtime Use of Network APIs Transmitting Cleartext Traffic
- MASTG-TEST-0239: Using low-level APIs (e.g. Socket) to set up a custom HTTP connection
¶
- MASTG-TEST-0258: References to Keyboard Caching Attributes in UI Elements
- MASTG-TEST-0276: Use of the iOS General Pasteboard
- MASTG-TEST-0277: Sensitive Data in the iOS General Pasteboard at Runtime
- MASTG-TEST-0278: Pasteboard Contents Not Cleared After Use
- MASTG-TEST-0279: Pasteboard Contents Not Expiring
- MASTG-TEST-0280: Pasteboard Contents Not Restricted to Local Device
¶
- MASTG-TEST-0226: Debuggable Flag Enabled in the AndroidManifest
- MASTG-TEST-0227: Debugging Enabled for WebViews
- MASTG-TEST-0261: Debuggable Entitlement Enabled in the entitlements.plist
¶
- MASTG-TEST-0250: References to Content Provider Access in WebViews
- MASTG-TEST-0251: Runtime Use of Content Provider Access APIs in WebViews
- MASTG-TEST-0252: References to Local File Access in WebViews
- MASTG-TEST-0253: Runtime Use of Local File Access APIs in WebViews
¶
- MASTG-TEST-0272: Identify Dependencies with Known Vulnerabilities in the Android Project
- MASTG-TEST-0273: Identify Dependencies with Known Vulnerabilities by Scanning Dependency Managers Artifacts
- MASTG-TEST-0274: Dependencies with Known Vulnerabilities in the App's SBOM
- MASTG-TEST-0275: Dependencies with Known Vulnerabilities in the App's SBOM
¶
- MASTG-TEST-0263: Logging of StrictMode Violations
- MASTG-TEST-0264: Runtime Use of StrictMode APIs
- MASTG-TEST-0265: References to StrictMode APIs
¶
- MASTG-TEST-0240: Jailbreak Detection in Code
- MASTG-TEST-0241: Runtime Use of Jailbreak Detection Techniques
¶
- MASTG-TEST-0220: Usage of Outdated Code Signature Format
- MASTG-TEST-0224: Usage of Insecure Signature Version
- MASTG-TEST-0225: Usage of Insecure Signature Key Size
¶
- MASTG-TEST-0222: Position Independent Code (PIC) Not Enabled
- MASTG-TEST-0223: Stack Canaries Not Enabled
- MASTG-TEST-0228: Position Independent Code (PIC) not Enabled
- MASTG-TEST-0229: Stack Canaries Not enabled
- MASTG-TEST-0230: Automatic Reference Counting (ARC) not enabled
¶
- MASTG-TEST-0254: Dangerous App Permissions
- MASTG-TEST-0255: Permission Requests Not Minimized
- MASTG-TEST-0256: Missing Permission Rationale
- MASTG-TEST-0257: Not Resetting Unused Permissions
¶
- MASTG-TEST-0038: Making Sure that the App is Properly Signed
- MASTG-TEST-0081: Making Sure that the App Is Properly Signed
¶
- MASTG-TEST-0039: Testing whether the App is Debuggable
- MASTG-TEST-0082: Testing whether the App is Debuggable
¶
- MASTG-TEST-0041: Testing for Debugging Code and Verbose Error Logging
- MASTG-TEST-0084: Testing for Debugging Code and Verbose Error Logging
¶
- MASTG-TEST-0042: Checking for Weaknesses in Third Party Libraries
- MASTG-TEST-0085: Checking for Weaknesses in Third Party Libraries
¶
- MASTG-TEST-0044: Make Sure That Free Security Features Are Activated
- MASTG-TEST-0087: Make Sure That Free Security Features Are Activated
¶
- MASTG-TEST-0014: Testing the Configuration of Cryptographic Standard Algorithms
- MASTG-TEST-0061: Verifying the Configuration of Cryptographic Standard Algorithms
¶
- MASTG-TEST-0014: Testing the Configuration of Cryptographic Standard Algorithms
- MASTG-TEST-0061: Verifying the Configuration of Cryptographic Standard Algorithms
¶
- MASTG-TEST-0019: Testing Data Encryption on the Network
- MASTG-TEST-0065: Testing Data Encryption on the Network
¶
- MASTG-TEST-0021: Testing Endpoint Identify Verification
- MASTG-TEST-0067: Testing Endpoint Identity Verification
¶
- MASTG-TEST-0022: Testing Custom Certificate Stores and Certificate Pinning
- MASTG-TEST-0068: Testing Custom Certificate Stores and Certificate Pinning
¶
- MASTG-TEST-0002: Testing Local Storage for Input Validation
- MASTG-TEST-0025: Testing for Injection Flaws
- MASTG-TEST-0026: Testing Implicit Intents
- MASTG-TEST-0027: Testing for URL Loading in WebViews
¶
- MASTG-TEST-0029: Testing for Sensitive Functionality Exposure Through IPC
- MASTG-TEST-0030: Testing for Vulnerable Implementation of PendingIntent
- MASTG-TEST-0070: Testing Universal Links
- MASTG-TEST-0071: Testing UIActivity Sharing
- MASTG-TEST-0072: Testing App Extensions
- MASTG-TEST-0073: Testing UIPasteboard
¶
- MASTG-TEST-0032: Testing WebView Protocol Handlers
- MASTG-TEST-0077: Testing WebView Protocol Handlers
¶
- MASTG-TEST-0033: Testing for Java Objects Exposed Through WebViews
- MASTG-TEST-0078: Determining Whether Native Methods Are Exposed Through WebViews
¶
- MASTG-TEST-0048: Testing Reverse Engineering Tools Detection
- MASTG-TEST-0091: Testing Reverse Engineering Tools Detection
¶
- MASTG-TEST-0001: Testing Local Storage for Sensitive Data
- MASTG-TEST-0052: Testing Local Data Storage
¶
- MASTG-TEST-0011: Testing Memory for Sensitive Data
- MASTG-TEST-0060: Testing Memory for Sensitive Data
¶
- MASTG-TEST-0012: Testing the Device-Access-Security Policy
- MASTG-TEST-0017: Testing Confirm Credentials
- MASTG-TEST-0064: Testing Biometric Authentication
¶
- MASTG-TEST-0001: Testing Local Storage for Sensitive Data
- MASTG-TEST-0052: Testing Local Data Storage
¶
- MASTG-TEST-0004: Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services
- MASTG-TEST-0005: Determining Whether Sensitive Data Is Shared with Third Parties via Notifications
- MASTG-TEST-0054: Determining Whether Sensitive Data Is Shared with Third Parties
¶
- MASTG-TEST-0006: Determining Whether the Keyboard Cache Is Disabled for Text Input Fields
- MASTG-TEST-0055: Finding Sensitive Data in the Keyboard Cache
¶
- MASTG-TEST-0007: Determining Whether Sensitive Stored Data Has Been Exposed via IPC Mechanisms
- MASTG-TEST-0056: Determining Whether Sensitive Data Is Exposed via IPC Mechanisms
¶
- MASTG-TEST-0008: Checking for Sensitive Data Disclosure Through the User Interface
- MASTG-TEST-0057: Checking for Sensitive Data Disclosed Through the User Interface
¶
- MASTG-TEST-0009: Testing Backups for Sensitive Data
- MASTG-TEST-0058: Testing Backups for Sensitive Data
¶
- MASTG-TEST-0010: Finding Sensitive Information in Auto-Generated Screenshots
- MASTG-TEST-0059: Testing Auto-Generated Screenshots for Sensitive Information
¶
- MASWE-0001: Insertion of Sensitive Data into Logs
- MASWE-0004: Sensitive Data Not Excluded From Backup
- MASWE-0108: Sensitive Data in Network Traffic
- MASWE-0109: Lack of Anonymization or Pseudonymisation Measures
- MASWE-0110: Use of Unique Identifiers for User Tracking
- MASWE-0111: Inadequate Privacy Policy
- MASWE-0112: Inadequate Data Collection Declarations
- MASWE-0113: Lack of Proper Data Management Controls
- MASWE-0114: Inadequate Data Visibility Controls
- MASWE-0115: Inadequate or Ambiguous User Consent Mechanisms
- MASWE-0117: Inadequate Permission Management
¶
- MASWE-0067: Debuggable Flag Not Disabled
- MASWE-0089: Code Obfuscation Not Implemented
- MASWE-0090: Resource Obfuscation Not Implemented
- MASWE-0091: Anti-Deobfuscation Techniques Not Implemented
- MASWE-0092: Static Analysis Tools Not Prevented
- MASWE-0093: Debugging Symbols Not Removed
- MASWE-0094: Non-Production Resources Not Removed
- MASWE-0095: Code That Disables Security Controls Not Removed
- MASWE-0096: Data Sent Unencrypted Over Encrypted Connections
- MASWE-0097: Root/Jailbreak Detection Not Implemented
- MASWE-0098: App Virtualization Environment Detection Not Implemented
- MASWE-0099: Emulator Detection Not Implemented
- MASWE-0100: Device Attestation Not Implemented
- MASWE-0101: Debugger Detection Not Implemented
- MASWE-0102: Dynamic Analysis Tools Detection Not Implemented
- MASWE-0103: RASP Techniques Not Implemented
- MASWE-0104: App Integrity Not Verified
- MASWE-0105: Integrity of App Resources Not Verified
- MASWE-0106: Official Store Verification Not Implemented
- MASWE-0107: Runtime Code Integrity Not Verified
¶
- Mobile App Authentication Architectures
- Mobile App Code Quality
- Mobile App Cryptography
- Mobile App Network Communication
- Mobile App Tampering and Reverse Engineering
¶
- Android Anti-Reversing Defenses
- Android Code Quality and Build Settings
- Android Cryptographic APIs
- Android Data Storage
- Android Local Authentication
- Android Network Communication
- Android Platform APIs
- MASTG-APP-0001: AndroGoat
- MASTG-APP-0002: Android License Validator
- MASTG-APP-0003: Android UnCrackable L1
- MASTG-APP-0004: Android UnCrackable L2
- MASTG-APP-0005: Android UnCrackable L3
- MASTG-APP-0006: Digitalbank
- MASTG-APP-0007: DIVA Android
- MASTG-APP-0008: DodoVulnerableBank
- MASTG-APP-0009: DVHMA
- MASTG-APP-0010: InsecureBankv2
- MASTG-APP-0011: MASTG Hacking Playground (Java)
- MASTG-APP-0012: MASTG Hacking Playground (Kotlin)
- MASTG-APP-0013: OVAA
- MASTG-APP-0014: InsecureShop
- MASTG-APP-0015: Android UnCrackable L4
- MASTG-APP-0016: Finstergram
- MASTG-APP-0017: Disable-flutter-tls-verification
- MASTG-BEST-0001: Use Secure Random Number Generator APIs
- MASTG-BEST-0002: Remove Logging Code
- MASTG-BEST-0003: Comply with Privacy Regulations and Best Practices
- MASTG-BEST-0004: Exclude Sensitive Data from Backups
- MASTG-BEST-0005: Use Secure Encryption Modes
- MASTG-BEST-0006: Use Up-to-Date APK Signing Schemes
- MASTG-BEST-0007: Debuggable Flag Disabled in the AndroidManifest
- MASTG-BEST-0008: Debugging Disabled for WebViews
- MASTG-BEST-0009: Use Secure Encryption Algorithms
- MASTG-BEST-0010: Use Up-to-Date minSdkVersion
- MASTG-BEST-0011: Securely Load File Content in a WebView
- MASTG-BEST-0012: Disable JavaScript in WebViews
- MASTG-BEST-0013: Disable Content Provider Access in WebViews
- MASTG-DEMO-0001: File System Snapshots from External Storage
- MASTG-DEMO-0002: External Storage APIs Tracing with Frida
- MASTG-DEMO-0003: App Writing to External Storage without Scoped Storage Restrictions
- MASTG-DEMO-0004: App Writing to External Storage with Scoped Storage Restrictions
- MASTG-DEMO-0005: App Writing to External Storage via the MediaStore API
- MASTG-DEMO-0006: Tracing Common Logging APIs Looking for Secrets
- MASTG-DEMO-0007: Common Uses of Insecure Random APIs
- MASTG-DEMO-0008: Uses of Non-random Sources
- MASTG-DEMO-0009: Detecting Sensitive Data in Network Traffic
- MASTG-DEMO-0010: File System Snapshots from Internal Storage
- MASTG-DEMO-0012: Weak Cryptographic Key Generation
- MASTG-DEMO-0017: Use of Hardcoded AES Key in SecretKeySpec with semgrep
- MASTG-DEMO-0020: Data Exclusion using backup_rules.xml with Backup Manager
- MASTG-DEMO-0022: Uses of Insecure Symmetric Encryption Algorithms in Cipher with semgrep
- MASTG-DEMO-0023: Uses of Insecure Encryption Modes in Cipher with semgrep
- MASTG-DEMO-0024: Uses of Caching UI Elements with semgrep
- MASTG-DEMO-0025: Uses of Build.VERSION.SDK_INT with semgrep
- MASTG-DEMO-0027: Runtime Use of KeyguardManager.isDeviceSecure and BiometricManager.canAuthenticate APIs with Frida
- MASTG-DEMO-0028: Uses of KeyguardManager.isDeviceSecure and BiometricManager.canAuthenticate with semgrep
- MASTG-DEMO-0029: Uses of WebViews Allowing Content Access with semgrep
- MASTG-DEMO-0030: Uses of WebViews Allowing Content Access with Frida
- MASTG-DEMO-0031: Uses of WebViews Allowing Local File Access with Frida
- MASTG-DEMO-0032: Uses of WebViews Allowing Local File Access with semgrep
- MASTG-DEMO-0033: Dangerous Permissions in the AndroidManifest with semgrep
- MASTG-DEMO-0034: Backup and Restore App Data with semgrep
- MASTG-DEMO-0035: Data Exclusion using backup_rules.xml with adb backup
- MASTG-DEMO-0037: App Leaking Information about Unclosed SQL Cursor via StrictMode
- MASTG-DEMO-0038: Detecting StrictMode Uses with Frida
- MASTG-DEMO-0039: Detecting StrictMode PenaltyLog Usage with Semgrep
- MASTG-DEMO-0040: Debuggable Flag Enabled in the AndroidManifest with semgrep
- MASTG-DEMO-0048: SSLSocket Connection to Wrong Host Server Allowed by Lack of HostnameVerifier
- MASTG-DEMO-0049: SSLSocket Connection to Wrong Host Server Blocked by HostnameVerifier
- MASTG-DEMO-0050: Identifying Insecure Dependencies in Android Studio
- MASTG-DEMO-0051: Identifying Insecure Dependencies through SBOM Creation
- MASTG-TECH-0001: Accessing the Device Shell
- MASTG-TECH-0002: Host-Device Data Transfer
- MASTG-TECH-0003: Obtaining and Extracting Apps
- MASTG-TECH-0004: Repackaging Apps
- MASTG-TECH-0005: Installing Apps
- MASTG-TECH-0006: Listing Installed Apps
- MASTG-TECH-0007: Exploring the App Package
- MASTG-TECH-0008: Accessing App Data Directories
- MASTG-TECH-0009: Monitoring System Logs
- MASTG-TECH-0010: Basic Network Monitoring/Sniffing
- MASTG-TECH-0011: Setting Up an Interception Proxy
- MASTG-TECH-0012: Bypassing Certificate Pinning
- MASTG-TECH-0013: Reverse Engineering Android Apps
- MASTG-TECH-0014: Static Analysis on Android
- MASTG-TECH-0015: Dynamic Analysis on Android
- MASTG-TECH-0016: Disassembling Code to Smali
- MASTG-TECH-0017: Decompiling Java Code
- MASTG-TECH-0018: Disassembling Native Code
- MASTG-TECH-0019: Retrieving Strings
- MASTG-TECH-0020: Retrieving Cross References
- MASTG-TECH-0021: Information Gathering - API Usage
- MASTG-TECH-0022: Information Gathering - Network Communication
- MASTG-TECH-0023: Reviewing Decompiled Java Code
- MASTG-TECH-0024: Reviewing Disassembled Native Code
- MASTG-TECH-0025: Automated Static Analysis
- MASTG-TECH-0026: Dynamic Analysis on Non-Rooted Devices
- MASTG-TECH-0027: Get Open Files
- MASTG-TECH-0028: Get Open Connections
- MASTG-TECH-0029: Get Loaded Native Libraries
- MASTG-TECH-0030: Sandbox Inspection
- MASTG-TECH-0031: Debugging
- MASTG-TECH-0032: Execution Tracing
- MASTG-TECH-0033: Method Tracing
- MASTG-TECH-0034: Native Code Tracing
- MASTG-TECH-0035: JNI Tracing
- MASTG-TECH-0036: Emulation-based Analysis
- MASTG-TECH-0037: Symbolic Execution
- MASTG-TECH-0038: Patching
- MASTG-TECH-0039: Repackaging & Re-Signing
- MASTG-TECH-0040: Waiting for the Debugger
- MASTG-TECH-0041: Library Injection
- MASTG-TECH-0042: Getting Loaded Classes and Methods Dynamically
- MASTG-TECH-0043: Method Hooking
- MASTG-TECH-0044: Process Exploration
- MASTG-TECH-0045: Runtime Reverse Engineering
- MASTG-TECH-0100: Logging Sensitive Data from Network Traffic
- MASTG-TECH-0108: Taint Analysis
- MASTG-TECH-0109: Intercepting Flutter HTTPS Traffic
- MASTG-TECH-0112: Reverse Engineering Flutter Applications
- MASTG-TECH-0115: Obtaining Compiler-Provided Security Features
- MASTG-TECH-0116: Obtaining Information about the APK Signature
- MASTG-TECH-0117: Obtaining Information from the AndroidManifest
- MASTG-TECH-0126: Obtaining App Permissions
- MASTG-TECH-0127: Inspecting an App's Backup Data
- MASTG-TECH-0128: Performing a Backup and Restore of App Data
- MASTG-TECH-0129: Verifying Android Dependencies at Runtime
- MASTG-TECH-0130: Software Composition Analysis (SCA) of Android Dependencies by Creating a SBOM
- MASTG-TECH-0131: Software Composition Analysis (SCA) of Android Dependencies at Build Time
- MASTG-TEST-0001: Testing Local Storage for Sensitive Data
- MASTG-TEST-0002: Testing Local Storage for Input Validation
- MASTG-TEST-0003: Testing Logs for Sensitive Data
- MASTG-TEST-0004: Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services
- MASTG-TEST-0005: Determining Whether Sensitive Data Is Shared with Third Parties via Notifications
- MASTG-TEST-0006: Determining Whether the Keyboard Cache Is Disabled for Text Input Fields
- MASTG-TEST-0007: Determining Whether Sensitive Stored Data Has Been Exposed via IPC Mechanisms
- MASTG-TEST-0008: Checking for Sensitive Data Disclosure Through the User Interface
- MASTG-TEST-0009: Testing Backups for Sensitive Data
- MASTG-TEST-0010: Finding Sensitive Information in Auto-Generated Screenshots
- MASTG-TEST-0011: Testing Memory for Sensitive Data
- MASTG-TEST-0012: Testing the Device-Access-Security Policy
- MASTG-TEST-0013: Testing Symmetric Cryptography
- MASTG-TEST-0014: Testing the Configuration of Cryptographic Standard Algorithms
- MASTG-TEST-0015: Testing the Purposes of Keys
- MASTG-TEST-0016: Testing Random Number Generation
- MASTG-TEST-0017: Testing Confirm Credentials
- MASTG-TEST-0018: Testing Biometric Authentication
- MASTG-TEST-0019: Testing Data Encryption on the Network
- MASTG-TEST-0020: Testing the TLS Settings
- MASTG-TEST-0021: Testing Endpoint Identity Verification
- MASTG-TEST-0022: Testing Custom Certificate Stores and Certificate Pinning
- MASTG-TEST-0023: Testing the Security Provider
- MASTG-TEST-0024: Testing for App Permissions
- MASTG-TEST-0025: Testing for Injection Flaws
- MASTG-TEST-0026: Testing Implicit Intents
- MASTG-TEST-0027: Testing for URL Loading in WebViews
- MASTG-TEST-0028: Testing Deep Links
- MASTG-TEST-0029: Testing for Sensitive Functionality Exposure Through IPC
- MASTG-TEST-0030: Testing for Vulnerable Implementation of PendingIntent
- MASTG-TEST-0031: Testing JavaScript Execution in WebViews
- MASTG-TEST-0032: Testing WebView Protocol Handlers
- MASTG-TEST-0033: Testing for Java Objects Exposed Through WebViews
- MASTG-TEST-0034: Testing Object Persistence
- MASTG-TEST-0035: Testing for Overlay Attacks
- MASTG-TEST-0036: Testing Enforced Updating
- MASTG-TEST-0037: Testing WebViews Cleanup
- MASTG-TEST-0038: Making Sure that the App is Properly Signed
- MASTG-TEST-0039: Testing whether the App is Debuggable
- MASTG-TEST-0040: Testing for Debugging Symbols
- MASTG-TEST-0041: Testing for Debugging Code and Verbose Error Logging
- MASTG-TEST-0042: Checking for Weaknesses in Third Party Libraries
- MASTG-TEST-0043: Memory Corruption Bugs
- MASTG-TEST-0044: Make Sure That Free Security Features Are Activated
- MASTG-TEST-0045: Testing Root Detection
- MASTG-TEST-0046: Testing Anti-Debugging Detection
- MASTG-TEST-0047: Testing File Integrity Checks
- MASTG-TEST-0048: Testing Reverse Engineering Tools Detection
- MASTG-TEST-0049: Testing Emulator Detection
- MASTG-TEST-0050: Testing Runtime Integrity Checks
- MASTG-TEST-0051: Testing Obfuscation
- MASTG-TEST-0200: Files Written to External Storage
- MASTG-TEST-0201: Runtime Use of APIs to Access External Storage
- MASTG-TEST-0202: References to APIs and Permissions for Accessing External Storage
- MASTG-TEST-0203: Runtime Use of Logging APIs
- MASTG-TEST-0204: Insecure Random API Usage
- MASTG-TEST-0205: Non-random Sources Usage
- MASTG-TEST-0206: Sensitive Data in Network Traffic Capture
- MASTG-TEST-0207: Data Stored in the App Sandbox at Runtime
- MASTG-TEST-0208: Inappropriate Key Sizes
- MASTG-TEST-0212: Use of Hardcoded Cryptographic Keys in Code
- MASTG-TEST-0216: Sensitive Data Not Excluded From Backup
- MASTG-TEST-0217: Insecure TLS Protocols Explicitly Allowed in Code
- MASTG-TEST-0221: Weak Symmetric Encryption Algorithms
- MASTG-TEST-0222: Position Independent Code (PIC) Not Enabled
- MASTG-TEST-0223: Stack Canaries Not Enabled
- MASTG-TEST-0224: Usage of Insecure Signature Version
- MASTG-TEST-0225: Usage of Insecure Signature Key Size
- MASTG-TEST-0226: Debuggable Flag Enabled in the AndroidManifest
- MASTG-TEST-0227: Debugging Enabled for WebViews
- MASTG-TEST-0231: References to Logging APIs
- MASTG-TEST-0232: Weak Symmetric Encryption Modes
- MASTG-TEST-0233: Hardcoded HTTP URLs
- MASTG-TEST-0234: SSLSockets not Properly Verifying Hostnames
- MASTG-TEST-0235: Android App Configurations Allowing Cleartext Traffic
- MASTG-TEST-0237: Cross-Platform Framework Configurations Allowing Cleartext Traffic
- MASTG-TEST-0238: Runtime Use of Network APIs Transmitting Cleartext Traffic
- MASTG-TEST-0239: Using low-level APIs (e.g. Socket) to set up a custom HTTP connection
- MASTG-TEST-0242: Missing Certificate Pinning in Network Security Configuration
- MASTG-TEST-0243: Expired Certificate Pins in the Network Security Configuration
- MASTG-TEST-0245: References to Platform Version APIs
- MASTG-TEST-0247: References to APIs for Detecting Secure Screen Lock
- MASTG-TEST-0249: Runtime Use of Secure Screen Lock Detection APIs
- MASTG-TEST-0250: References to Content Provider Access in WebViews
- MASTG-TEST-0251: Runtime Use of Content Provider Access APIs in WebViews
- MASTG-TEST-0252: References to Local File Access in WebViews
- MASTG-TEST-0253: Runtime Use of Local File Access APIs in WebViews
- MASTG-TEST-0254: Dangerous App Permissions
- MASTG-TEST-0255: Permission Requests Not Minimized
- MASTG-TEST-0256: Missing Permission Rationale
- MASTG-TEST-0257: Not Resetting Unused Permissions
- MASTG-TEST-0258: References to Keyboard Caching Attributes in UI Elements
- MASTG-TEST-0262: References to Backup Configurations Not Excluding Sensitive Data
- MASTG-TEST-0263: Logging of StrictMode Violations
- MASTG-TEST-0264: Runtime Use of StrictMode APIs
- MASTG-TEST-0265: References to StrictMode APIs
- MASTG-TEST-0272: Identify Dependencies with Known Vulnerabilities in the Android Project
- MASTG-TEST-0274: Dependencies with Known Vulnerabilities in the App's SBOM
- MASTG-TOOL-0001: Frida for Android
- MASTG-TOOL-0002: MobSF for Android
- MASTG-TOOL-0003: nm - Android
- MASTG-TOOL-0004: adb
- MASTG-TOOL-0005: Android NDK
- MASTG-TOOL-0006: Android SDK
- MASTG-TOOL-0007: Android Studio
- MASTG-TOOL-0008: Android-SSL-TrustKiller
- MASTG-TOOL-0009: APKiD
- MASTG-TOOL-0010: APKLab
- MASTG-TOOL-0011: Apktool
- MASTG-TOOL-0012: apkx
- MASTG-TOOL-0013: Busybox
- MASTG-TOOL-0014: Bytecode Viewer
- MASTG-TOOL-0015: drozer
- MASTG-TOOL-0016: gplaycli
- MASTG-TOOL-0017: House
- MASTG-TOOL-0018: jadx
- MASTG-TOOL-0019: jdb
- MASTG-TOOL-0020: JustTrustMe
- MASTG-TOOL-0021: Magisk
- MASTG-TOOL-0022: Proguard
- MASTG-TOOL-0023: RootCloak Plus
- MASTG-TOOL-0024: Scrcpy
- MASTG-TOOL-0025: SSLUnpinning
- MASTG-TOOL-0026: Termux
- MASTG-TOOL-0027: Xposed
- MASTG-TOOL-0028: radare2 for Android
- MASTG-TOOL-0029: objection for Android
- MASTG-TOOL-0030: Angr
- MASTG-TOOL-0099: FlowDroid
- MASTG-TOOL-0103: uber-apk-signer
- MASTG-TOOL-0107: JNITrace
- MASTG-TOOL-0112: pidcat
- MASTG-TOOL-0116: Blutter
- MASTG-TOOL-0120: ProxyDroid
- MASTG-TOOL-0123: apksigner
- MASTG-TOOL-0124: aapt2
- MASTG-TOOL-0125: Apkleaks
- MASTG-TOOL-0130: blint
- MASWE-0001: Insertion of Sensitive Data into Logs
- MASWE-0002: Sensitive Data Stored With Insufficient Access Restrictions in Internal Locations
- MASWE-0003: Backup Unencrypted
- MASWE-0004: Sensitive Data Not Excluded From Backup
- MASWE-0005: API Keys Hardcoded in the App Package
- MASWE-0006: Sensitive Data Stored Unencrypted in Private Storage Locations
- MASWE-0007: Sensitive Data Stored Unencrypted in Shared Storage Requiring No User Interaction
- MASWE-0008: Missing Device Secure Lock Verification Implementation
- MASWE-0009: Weak Cryptographic Key Generation
- MASWE-0010: Weak Cryptographic Key Derivation
- MASWE-0011: Cryptographic Key Rotation Not Implemented
- MASWE-0012: Insecure or Wrong Usage of Cryptographic Key
- MASWE-0013: Hardcoded Cryptographic Keys in Use
- MASWE-0014: Cryptographic Keys Not Properly Protected at Rest
- MASWE-0015: Deprecated Android KeyStore Implementations
- MASWE-0016: Unsafe Handling of Imported Cryptographic Keys
- MASWE-0017: Cryptographic Keys Not Properly Protected on Export
- MASWE-0018: Cryptographic Keys Access Not Restricted
- MASWE-0019: Potentially Weak Cryptography Implementations
- MASWE-0020: Weak Encryption
- MASWE-0021: Weak Hashing
- MASWE-0022: Predictable Initialization Vectors (IVs)
- MASWE-0023: Weak Padding
- MASWE-0024: Weak Message Authentication Codes (MAC)
- MASWE-0025: Weak Signature
- MASWE-0026: Improper Verification of Cryptographic Signature
- MASWE-0027: Cryptographically Weak Pseudo-Random Number Generator (PRNG)
- MASWE-0028: MFA Implementation Best Practices Not Followed
- MASWE-0029: Step-Up Authentication Not Implemented After Login
- MASWE-0030: Re-Authenticates Not Triggered On Contextual State Changes
- MASWE-0031: Insecure use of Android Protected Confirmation
- MASWE-0032: Platform-provided Authentication APIs Not Used
- MASWE-0033: Authentication or Authorization Protocol Security Best Practices Not Followed
- MASWE-0034: Insecure Implementation of Confirm Credentials
- MASWE-0035: Passwordless Authentication Not Implemented
- MASWE-0036: Authentication Material Stored Unencrypted on the Device
- MASWE-0037: Authentication Material Sent over Insecure Connections
- MASWE-0038: Authentication Tokens Not Validated
- MASWE-0039: Shared Web Credentials and Website-association Not Implemented
- MASWE-0040: Insecure Authentication in WebViews
- MASWE-0041: Authentication Enforced Only Locally Instead of on the Server-side
- MASWE-0042: Authorization Enforced Only Locally Instead of on the Server-side
- MASWE-0043: App Custom PIN Not Bound to Platform KeyStore
- MASWE-0044: Biometric Authentication Can Be Bypassed
- MASWE-0045: Fallback to Non-biometric Credentials Allowed for Sensitive Transactions
- MASWE-0046: Crypto Keys Not Invalidated on New Biometric Enrollment
- MASWE-0047: Insecure Identity Pinning
- MASWE-0048: Insecure Machine-to-Machine Communication
- MASWE-0049: Proven Networking APIs Not used
- MASWE-0050: Cleartext Traffic
- MASWE-0051: Unprotected Open Ports
- MASWE-0052: Insecure Certificate Validation
- MASWE-0053: Sensitive Data Leaked via the User Interface
- MASWE-0054: Sensitive Data Leaked via Notifications
- MASWE-0055: Sensitive Data Leaked via Screenshots
- MASWE-0056: Tapjacking Attacks
- MASWE-0057: StrandHogg Attack / Task Affinity Vulnerability
- MASWE-0058: Insecure Deep Links
- MASWE-0059: Use Of Unauthenticated Platform IPC
- MASWE-0062: Insecure Services
- MASWE-0063: Insecure Broadcast Receivers
- MASWE-0064: Insecure Content Providers
- MASWE-0065: Sensitive Data Permanently Shared with Other Apps
- MASWE-0066: Insecure Intents
- MASWE-0067: Debuggable Flag Not Disabled
- MASWE-0068: JavaScript Bridges in WebViews
- MASWE-0069: WebViews Allows Access to Local Resources
- MASWE-0070: JavaScript Loaded from Untrusted Sources
- MASWE-0071: WebViews Loading Content from Untrusted Sources
- MASWE-0072: Universal XSS
- MASWE-0073: Insecure WebResourceResponse Implementations
- MASWE-0074: Web Content Debugging Enabled
- MASWE-0075: Enforced Updating Not Implemented
- MASWE-0076: Dependencies with Known Vulnerabilities
- MASWE-0077: Running on a recent Platform Version Not Ensured
- MASWE-0078: Latest Platform Version Not Targeted
- MASWE-0079: Unsafe Handling of Data from the Network
- MASWE-0080: Unsafe Handling of Data from Backups
- MASWE-0081: Unsafe Handling Of Data From External Interfaces
- MASWE-0082: Unsafe Handling of Data From Local Storage
- MASWE-0083: Unsafe Handling of Data From The User Interface
- MASWE-0084: Unsafe Handling of Data from IPC
- MASWE-0085: Unsafe Dynamic Code Loading
- MASWE-0086: SQL Injection
- MASWE-0087: Insecure Parsing and Escaping
- MASWE-0088: Insecure Object Deserialization
- MASWE-0089: Code Obfuscation Not Implemented
- MASWE-0090: Resource Obfuscation Not Implemented
- MASWE-0091: Anti-Deobfuscation Techniques Not Implemented
- MASWE-0092: Static Analysis Tools Not Prevented
- MASWE-0093: Debugging Symbols Not Removed
- MASWE-0094: Non-Production Resources Not Removed
- MASWE-0095: Code That Disables Security Controls Not Removed
- MASWE-0096: Data Sent Unencrypted Over Encrypted Connections
- MASWE-0097: Root/Jailbreak Detection Not Implemented
- MASWE-0098: App Virtualization Environment Detection Not Implemented
- MASWE-0099: Emulator Detection Not Implemented
- MASWE-0100: Device Attestation Not Implemented
- MASWE-0101: Debugger Detection Not Implemented
- MASWE-0102: Dynamic Analysis Tools Detection Not Implemented
- MASWE-0103: RASP Techniques Not Implemented
- MASWE-0104: App Integrity Not Verified
- MASWE-0105: Integrity of App Resources Not Verified
- MASWE-0106: Official Store Verification Not Implemented
- MASWE-0107: Runtime Code Integrity Not Verified
- MASWE-0108: Sensitive Data in Network Traffic
- MASWE-0109: Lack of Anonymization or Pseudonymisation Measures
- MASWE-0110: Use of Unique Identifiers for User Tracking
- MASWE-0111: Inadequate Privacy Policy
- MASWE-0112: Inadequate Data Collection Declarations
- MASWE-0113: Lack of Proper Data Management Controls
- MASWE-0114: Inadequate Data Visibility Controls
- MASWE-0115: Inadequate or Ambiguous User Consent Mechanisms
- MASWE-0116: Compiler Provided Security Features Not Used
- MASWE-0117: Inadequate Permission Management
¶
- MASTG-TEST-0001: Testing Local Storage for Sensitive Data
- MASTG-TEST-0003: Testing Logs for Sensitive Data
- MASTG-TEST-0006: Determining Whether the Keyboard Cache Is Disabled for Text Input Fields
- MASTG-TEST-0009: Testing Backups for Sensitive Data
- MASTG-TEST-0012: Testing the Device-Access-Security Policy
- MASTG-TEST-0013: Testing Symmetric Cryptography
- MASTG-TEST-0016: Testing Random Number Generation
- MASTG-TEST-0019: Testing Data Encryption on the Network
- MASTG-TEST-0020: Testing the TLS Settings
- MASTG-TEST-0022: Testing Custom Certificate Stores and Certificate Pinning
- MASTG-TEST-0024: Testing for App Permissions
- MASTG-TEST-0032: Testing WebView Protocol Handlers
- MASTG-TEST-0038: Making Sure that the App is Properly Signed
- MASTG-TEST-0039: Testing whether the App is Debuggable
- MASTG-TEST-0041: Testing for Debugging Code and Verbose Error Logging
- MASTG-TEST-0042: Checking for Weaknesses in Third Party Libraries
- MASTG-TEST-0044: Make Sure That Free Security Features Are Activated
- MASTG-TEST-0061: Verifying the Configuration of Cryptographic Standard Algorithms
- MASTG-TEST-0062: Testing Key Management
- MASTG-TEST-0064: Testing Biometric Authentication
- MASTG-TEST-0073: Testing UIPasteboard
- MASTG-TEST-0081: Making Sure that the App Is Properly Signed
- MASTG-TEST-0082: Testing whether the App is Debuggable
- MASTG-TEST-0083: Testing for Debugging Symbols
- MASTG-TEST-0085: Checking for Weaknesses in Third Party Libraries
- MASTG-TEST-0087: Make Sure That Free Security Features Are Activated
- MASTG-TEST-0088: Testing Jailbreak Detection
- MASWE-0013: Hardcoded Cryptographic Keys in Use
¶
- MASTG-TECH-0047: Reverse Engineering
- MASTG-TECH-0048: Static Analysis
- MASTG-TECH-0049: Dynamic Analysis
- MASTG-TECH-0050: Binary Analysis
- MASTG-TECH-0051: Tampering and Runtime Instrumentation
- MASTG-TECH-0119: Intercepting HTTP Traffic by Hooking Network APIs at the Application Layer
- MASTG-TECH-0120: Intercepting HTTP Traffic Using an Interception Proxy
- MASTG-TECH-0121: Intercepting Non-HTTP Traffic Using an Interception Proxy
- MASTG-TECH-0122: Passive Eavesdropping
- MASTG-TECH-0123: Achieving a MITM Position via ARP Spoofing
- MASTG-TECH-0124: Achieving a MITM Position Using a Rogue Access Point
- MASTG-TECH-0125: Intercepting Xamarin Traffic
- MASTG-TOOL-0031: Frida
- MASTG-TOOL-0032: Frida CodeShare
- MASTG-TOOL-0033: Ghidra
- MASTG-TOOL-0034: LIEF
- MASTG-TOOL-0035: MobSF
- MASTG-TOOL-0036: r2frida
- MASTG-TOOL-0037: RMS Runtime Mobile Security
- MASTG-TOOL-0038: objection
- MASTG-TOOL-0098: iaito
- MASTG-TOOL-0100: reFlutter
- MASTG-TOOL-0101: disable-flutter-tls-verification
- MASTG-TOOL-0104: hermes-dec
- MASTG-TOOL-0106: Fridump
- MASTG-TOOL-0108: Corellium
- MASTG-TOOL-0110: semgrep
- MASTG-TOOL-0129: rabin2
- MASTG-TOOL-0131: dependency-check
- MASTG-TOOL-0132: dependency-track
- MASTG-TOOL-0133: Visual Studio Code (vscode)
- MASTG-TOOL-0134: cdxgen
¶
- MASTG-APP-0023: DVIA
- MASTG-APP-0024: DVIA-v2
- MASTG-APP-0025: iOS UnCrackable L1
- MASTG-APP-0026: iOS UnCrackable L2
- MASTG-APP-0027: Disable-flutter-tls-verification
- MASTG-APP-0028: iGoat-Swift
- MASTG-DEMO-0011: Uses of Weak Key Size in SecKeyCreateRandomKey with r2
- MASTG-DEMO-0013: Use of Hardcoded RSA Private Key in SecKeyCreateWithData with r2
- MASTG-DEMO-0014: Use of Hardcoded ECDSA Private Key in CryptoKit with r2
- MASTG-DEMO-0015: Uses of Insecure Hashing Algorithms in CommonCrypto with r2
- MASTG-DEMO-0016: Uses of Insecure Hashing Algorithms in CryptoKit with r2
- MASTG-DEMO-0018: Uses of Insecure Encryption Algorithms in CommonCrypto with r2
- MASTG-DEMO-0019: Uses of isExcludedFromBackupKey with r2
- MASTG-DEMO-0021: Uses of Jailbreak Detection Techniques with r2
- MASTG-DEMO-0024: Uses of LAContext.canEvaluatePolicy with r2
- MASTG-DEMO-0026: Runtime Use of LAContext.canEvaluatePolicy with Frida
- MASTG-DEMO-0036: Debuggable Entitlement Enabled in the entitlements.plist with rabin2
- MASTG-DEMO-0041: Uses of LAContext.evaluatePolicy with r2
- MASTG-DEMO-0042: Runtime Use of LAContext.evaluatePolicy with Frida
- MASTG-DEMO-0043: Uses of kSecAccessControlUserPresence with r2
- MASTG-DEMO-0044: Runtime Use of kSecAccessControlUserPresence with Frida
- MASTG-DEMO-0045: Uses of kSecAccessControlBiometryCurrentSet with r2
- MASTG-DEMO-0046: Runtime Use of kSecAccessControlBiometryCurrentSet with Frida
- MASTG-DEMO-0047: Runtime Use of the Keychain Not Requiring User Presence with Frida
- MASTG-DEMO-0052: Scanning Package Manager Artifacts for Insecure iOS Dependencies
- MASTG-DEMO-0053: Identifying Insecure Dependencies in SwiftPM through SBOM creation
- MASTG-TECH-0052: Accessing the Device Shell
- MASTG-TECH-0053: Host-Device Data Transfer
- MASTG-TECH-0054: Obtaining and Extracting Apps
- MASTG-TECH-0055: Launching a Repackaged App in Debug Mode
- MASTG-TECH-0056: Installing Apps
- MASTG-TECH-0057: Listing Installed Apps
- MASTG-TECH-0058: Exploring the App Package
- MASTG-TECH-0059: Accessing App Data Directories
- MASTG-TECH-0060: Monitoring System Logs
- MASTG-TECH-0061: Dumping KeyChain Data
- MASTG-TECH-0062: Basic Network Monitoring/Sniffing
- MASTG-TECH-0063: Setting up an Interception Proxy
- MASTG-TECH-0064: Bypassing Certificate Pinning
- MASTG-TECH-0065: Reverse Engineering iOS Apps
- MASTG-TECH-0066: Static Analysis on iOS
- MASTG-TECH-0067: Dynamic Analysis on iOS
- MASTG-TECH-0068: Disassembling Native Code
- MASTG-TECH-0069: Decompiling Native Code
- MASTG-TECH-0070: Extracting Information from the Application Binary
- MASTG-TECH-0071: Retrieving Strings
- MASTG-TECH-0072: Retrieving Cross References
- MASTG-TECH-0073: Information Gathering - API Usage
- MASTG-TECH-0074: Information Gathering - Network Communication
- MASTG-TECH-0075: Reviewing Decompiled Objective-C and Swift Code
- MASTG-TECH-0076: Reviewing Disassembled Objective-C and Swift Code
- MASTG-TECH-0077: Reviewing Disassembled Native Code
- MASTG-TECH-0078: Automated Static Analysis
- MASTG-TECH-0079: Obtaining a Developer Provisioning Profile
- MASTG-TECH-0080: Get Open Files
- MASTG-TECH-0081: Get Open Connections
- MASTG-TECH-0082: Get Shared Libraries
- MASTG-TECH-0083: Sandbox Inspection
- MASTG-TECH-0084: Debugging
- MASTG-TECH-0085: Execution Tracing
- MASTG-TECH-0086: Method Tracing
- MASTG-TECH-0087: Native Code Tracing
- MASTG-TECH-0088: Emulation-based Analysis
- MASTG-TECH-0089: Symbolic Execution
- MASTG-TECH-0090: Injecting Frida Gadget into an IPA Automatically
- MASTG-TECH-0091: Injecting Libraries into an IPA Manually
- MASTG-TECH-0092: Signing IPA files
- MASTG-TECH-0093: Waiting for the debugger
- MASTG-TECH-0094: Getting Loaded Classes and Methods dynamically
- MASTG-TECH-0095: Method Hooking
- MASTG-TECH-0096: Process Exploration
- MASTG-TECH-0097: Runtime Reverse Engineering
- MASTG-TECH-0098: Patching React Native Apps
- MASTG-TECH-0110: Intercepting Flutter HTTPS Traffic
- MASTG-TECH-0111: Extracting Entitlements from MachO Binaries
- MASTG-TECH-0112: Obtaining the Code Signature Format Version
- MASTG-TECH-0113: Obtaining Debugging Symbols
- MASTG-TECH-0114: Demangling Symbols
- MASTG-TECH-0118: Obtaining Compiler-Provided Security Features
- MASTG-TECH-0119: Bypassing Biometric Authentication
- MASTG-TECH-0132: Software Composition Analysis (SCA) of iOS Dependencies by Creating a SBOM
- MASTG-TECH-0133: Software Composition Analysis (SCA) of iOS Dependencies by Scanning Package Manager Artifacts
- MASTG-TECH-0134: Monitoring the Pasteboard
- MASTG-TEST-0052: Testing Local Data Storage
- MASTG-TEST-0053: Checking Logs for Sensitive Data
- MASTG-TEST-0054: Determining Whether Sensitive Data Is Shared with Third Parties
- MASTG-TEST-0055: Finding Sensitive Data in the Keyboard Cache
- MASTG-TEST-0056: Determining Whether Sensitive Data Is Exposed via IPC Mechanisms
- MASTG-TEST-0057: Checking for Sensitive Data Disclosed Through the User Interface
- MASTG-TEST-0058: Testing Backups for Sensitive Data
- MASTG-TEST-0059: Testing Auto-Generated Screenshots for Sensitive Information
- MASTG-TEST-0060: Testing Memory for Sensitive Data
- MASTG-TEST-0061: Verifying the Configuration of Cryptographic Standard Algorithms
- MASTG-TEST-0062: Testing Key Management
- MASTG-TEST-0063: Testing Random Number Generation
- MASTG-TEST-0064: Testing Biometric Authentication
- MASTG-TEST-0065: Testing Data Encryption on the Network
- MASTG-TEST-0066: Testing the TLS Settings
- MASTG-TEST-0067: Testing Endpoint Identity Verification
- MASTG-TEST-0068: Testing Custom Certificate Stores and Certificate Pinning
- MASTG-TEST-0069: Testing App Permissions
- MASTG-TEST-0070: Testing Universal Links
- MASTG-TEST-0071: Testing UIActivity Sharing
- MASTG-TEST-0072: Testing App Extensions
- MASTG-TEST-0073: Testing UIPasteboard
- MASTG-TEST-0075: Testing Custom URL Schemes
- MASTG-TEST-0076: Testing iOS WebViews
- MASTG-TEST-0077: Testing WebView Protocol Handlers
- MASTG-TEST-0078: Determining Whether Native Methods Are Exposed Through WebViews
- MASTG-TEST-0079: Testing Object Persistence
- MASTG-TEST-0080: Testing Enforced Updating
- MASTG-TEST-0081: Making Sure that the App Is Properly Signed
- MASTG-TEST-0082: Testing whether the App is Debuggable
- MASTG-TEST-0083: Testing for Debugging Symbols
- MASTG-TEST-0084: Testing for Debugging Code and Verbose Error Logging
- MASTG-TEST-0085: Checking for Weaknesses in Third Party Libraries
- MASTG-TEST-0086: Memory Corruption Bugs
- MASTG-TEST-0087: Make Sure That Free Security Features Are Activated
- MASTG-TEST-0088: Testing Jailbreak Detection
- MASTG-TEST-0089: Testing Anti-Debugging Detection
- MASTG-TEST-0090: Testing File Integrity Checks
- MASTG-TEST-0091: Testing Reverse Engineering Tools Detection
- MASTG-TEST-0092: Testing Emulator Detection
- MASTG-TEST-0093: Testing Obfuscation
- MASTG-TEST-0209: Inappropriate Key Sizes
- MASTG-TEST-0210: Weak Encryption Algorithms
- MASTG-TEST-0211: Weak Hashing Algorithms
- MASTG-TEST-0213: Use of Hardcoded Cryptographic Keys in Code
- MASTG-TEST-0214: Hardcoded Cryptographic Keys in Files
- MASTG-TEST-0215: Sensitive Data Not Excluded From Backup
- MASTG-TEST-0219: Testing for Debugging Symbols
- MASTG-TEST-0220: Usage of Outdated Code Signature Format
- MASTG-TEST-0228: Position Independent Code (PIC) not Enabled
- MASTG-TEST-0229: Stack Canaries Not enabled
- MASTG-TEST-0230: Automatic Reference Counting (ARC) not enabled
- MASTG-TEST-0240: Jailbreak Detection in Code
- MASTG-TEST-0241: Runtime Use of Jailbreak Detection Techniques
- MASTG-TEST-0246: Runtime Use of Secure Screen Lock Detection APIs
- MASTG-TEST-0248: References to APIs for Detecting Secure Screen Lock
- MASTG-TEST-0261: Debuggable Entitlement Enabled in the entitlements.plist
- MASTG-TEST-0266: References to APIs for Event-Bound Biometric Authentication
- MASTG-TEST-0267: Runtime Use Of Event-Bound Biometric Authentication
- MASTG-TEST-0268: References to APIs Allowing Fallback to Non-Biometric Authentication
- MASTG-TEST-0269: Runtime Use Of APIs Allowing Fallback to Non-Biometric Authentication
- MASTG-TEST-0270: References to APIs Detecting Biometric Enrollment Changes
- MASTG-TEST-0271: Runtime Use Of APIs Detecting Biometric Enrollment Changes
- MASTG-TEST-0273: Identify Dependencies with Known Vulnerabilities by Scanning Dependency Managers Artifacts
- MASTG-TEST-0275: Dependencies with Known Vulnerabilities in the App's SBOM
- MASTG-TEST-0276: Use of the iOS General Pasteboard
- MASTG-TEST-0277: Sensitive Data in the iOS General Pasteboard at Runtime
- MASTG-TEST-0278: Pasteboard Contents Not Cleared After Use
- MASTG-TEST-0279: Pasteboard Contents Not Expiring
- MASTG-TEST-0280: Pasteboard Contents Not Restricted to Local Device
- MASTG-TOOL-0039: Frida for iOS
- MASTG-TOOL-0040: MobSF for iOS
- MASTG-TOOL-0041: nm - iOS
- MASTG-TOOL-0042: BinaryCookieReader
- MASTG-TOOL-0043: class-dump
- MASTG-TOOL-0044: class-dump-z
- MASTG-TOOL-0045: class-dump-dyld
- MASTG-TOOL-0046: Cycript
- MASTG-TOOL-0047: Cydia
- MASTG-TOOL-0048: dsdump
- MASTG-TOOL-0049: Frida-cycript
- MASTG-TOOL-0050: Frida-ios-dump
- MASTG-TOOL-0051: gdb
- MASTG-TOOL-0053: iOSbackup
- MASTG-TOOL-0054: ios-deploy
- MASTG-TOOL-0055: iproxy
- MASTG-TOOL-0056: Keychain-Dumper
- MASTG-TOOL-0057: lldb
- MASTG-TOOL-0058: MachoOView
- MASTG-TOOL-0059: optool
- MASTG-TOOL-0060: otool
- MASTG-TOOL-0061: Grapefruit
- MASTG-TOOL-0062: Plutil
- MASTG-TOOL-0063: security
- MASTG-TOOL-0064: Sileo
- MASTG-TOOL-0065: simctl
- MASTG-TOOL-0066: SSL Kill Switch 3
- MASTG-TOOL-0067: swift-demangle
- MASTG-TOOL-0068: SwiftShield
- MASTG-TOOL-0069: Usbmuxd
- MASTG-TOOL-0070: Xcode
- MASTG-TOOL-0071: Xcode Command Line Tools
- MASTG-TOOL-0072: xcrun
- MASTG-TOOL-0073: radare2 for iOS
- MASTG-TOOL-0074: objection for iOS
- MASTG-TOOL-0102: ios-app-signer
- MASTG-TOOL-0105: ipsw
- MASTG-TOOL-0111: ldid
- MASTG-TOOL-0114: codesign
- MASTG-TOOL-0117: fastlane
- MASTG-TOOL-0118: Sideloadly
- MASTG-TOOL-0121: objdump - iOS
- MASTG-TOOL-0122: c++filt
- MASTG-TOOL-0126: libimobiledevice suite
- MASTG-TOOL-0127: AppSync Unified
- MASTG-TOOL-0128: Filza
- MASWE-0001: Insertion of Sensitive Data into Logs
- MASWE-0004: Sensitive Data Not Excluded From Backup
- MASWE-0005: API Keys Hardcoded in the App Package
- MASWE-0006: Sensitive Data Stored Unencrypted in Private Storage Locations
- MASWE-0008: Missing Device Secure Lock Verification Implementation
- MASWE-0009: Weak Cryptographic Key Generation
- MASWE-0010: Weak Cryptographic Key Derivation
- MASWE-0011: Cryptographic Key Rotation Not Implemented
- MASWE-0012: Insecure or Wrong Usage of Cryptographic Key
- MASWE-0013: Hardcoded Cryptographic Keys in Use
- MASWE-0014: Cryptographic Keys Not Properly Protected at Rest
- MASWE-0016: Unsafe Handling of Imported Cryptographic Keys
- MASWE-0017: Cryptographic Keys Not Properly Protected on Export
- MASWE-0018: Cryptographic Keys Access Not Restricted
- MASWE-0019: Potentially Weak Cryptography Implementations
- MASWE-0020: Weak Encryption
- MASWE-0021: Weak Hashing
- MASWE-0022: Predictable Initialization Vectors (IVs)
- MASWE-0023: Weak Padding
- MASWE-0024: Weak Message Authentication Codes (MAC)
- MASWE-0025: Weak Signature
- MASWE-0026: Improper Verification of Cryptographic Signature
- MASWE-0027: Cryptographically Weak Pseudo-Random Number Generator (PRNG)
- MASWE-0028: MFA Implementation Best Practices Not Followed
- MASWE-0029: Step-Up Authentication Not Implemented After Login
- MASWE-0030: Re-Authenticates Not Triggered On Contextual State Changes
- MASWE-0032: Platform-provided Authentication APIs Not Used
- MASWE-0033: Authentication or Authorization Protocol Security Best Practices Not Followed
- MASWE-0035: Passwordless Authentication Not Implemented
- MASWE-0036: Authentication Material Stored Unencrypted on the Device
- MASWE-0037: Authentication Material Sent over Insecure Connections
- MASWE-0038: Authentication Tokens Not Validated
- MASWE-0039: Shared Web Credentials and Website-association Not Implemented
- MASWE-0040: Insecure Authentication in WebViews
- MASWE-0041: Authentication Enforced Only Locally Instead of on the Server-side
- MASWE-0042: Authorization Enforced Only Locally Instead of on the Server-side
- MASWE-0043: App Custom PIN Not Bound to Platform KeyStore
- MASWE-0044: Biometric Authentication Can Be Bypassed
- MASWE-0045: Fallback to Non-biometric Credentials Allowed for Sensitive Transactions
- MASWE-0046: Crypto Keys Not Invalidated on New Biometric Enrollment
- MASWE-0047: Insecure Identity Pinning
- MASWE-0048: Insecure Machine-to-Machine Communication
- MASWE-0049: Proven Networking APIs Not used
- MASWE-0050: Cleartext Traffic
- MASWE-0051: Unprotected Open Ports
- MASWE-0052: Insecure Certificate Validation
- MASWE-0053: Sensitive Data Leaked via the User Interface
- MASWE-0054: Sensitive Data Leaked via Notifications
- MASWE-0055: Sensitive Data Leaked via Screenshots
- MASWE-0056: Tapjacking Attacks
- MASWE-0058: Insecure Deep Links
- MASWE-0059: Use Of Unauthenticated Platform IPC
- MASWE-0060: Insecure Use of UIActivity
- MASWE-0061: Insecure Use of App Extensions
- MASWE-0067: Debuggable Flag Not Disabled
- MASWE-0068: JavaScript Bridges in WebViews
- MASWE-0069: WebViews Allows Access to Local Resources
- MASWE-0070: JavaScript Loaded from Untrusted Sources
- MASWE-0071: WebViews Loading Content from Untrusted Sources
- MASWE-0072: Universal XSS
- MASWE-0073: Insecure WebResourceResponse Implementations
- MASWE-0074: Web Content Debugging Enabled
- MASWE-0075: Enforced Updating Not Implemented
- MASWE-0076: Dependencies with Known Vulnerabilities
- MASWE-0077: Running on a recent Platform Version Not Ensured
- MASWE-0078: Latest Platform Version Not Targeted
- MASWE-0079: Unsafe Handling of Data from the Network
- MASWE-0080: Unsafe Handling of Data from Backups
- MASWE-0081: Unsafe Handling Of Data From External Interfaces
- MASWE-0082: Unsafe Handling of Data From Local Storage
- MASWE-0083: Unsafe Handling of Data From The User Interface
- MASWE-0084: Unsafe Handling of Data from IPC
- MASWE-0085: Unsafe Dynamic Code Loading
- MASWE-0086: SQL Injection
- MASWE-0087: Insecure Parsing and Escaping
- MASWE-0088: Insecure Object Deserialization
- MASWE-0089: Code Obfuscation Not Implemented
- MASWE-0090: Resource Obfuscation Not Implemented
- MASWE-0091: Anti-Deobfuscation Techniques Not Implemented
- MASWE-0092: Static Analysis Tools Not Prevented
- MASWE-0093: Debugging Symbols Not Removed
- MASWE-0094: Non-Production Resources Not Removed
- MASWE-0095: Code That Disables Security Controls Not Removed
- MASWE-0096: Data Sent Unencrypted Over Encrypted Connections
- MASWE-0097: Root/Jailbreak Detection Not Implemented
- MASWE-0098: App Virtualization Environment Detection Not Implemented
- MASWE-0099: Emulator Detection Not Implemented
- MASWE-0100: Device Attestation Not Implemented
- MASWE-0101: Debugger Detection Not Implemented
- MASWE-0102: Dynamic Analysis Tools Detection Not Implemented
- MASWE-0103: RASP Techniques Not Implemented
- MASWE-0104: App Integrity Not Verified
- MASWE-0105: Integrity of App Resources Not Verified
- MASWE-0106: Official Store Verification Not Implemented
- MASWE-0107: Runtime Code Integrity Not Verified
- MASWE-0108: Sensitive Data in Network Traffic
- MASWE-0109: Lack of Anonymization or Pseudonymisation Measures
- MASWE-0110: Use of Unique Identifiers for User Tracking
- MASWE-0111: Inadequate Privacy Policy
- MASWE-0112: Inadequate Data Collection Declarations
- MASWE-0113: Lack of Proper Data Management Controls
- MASWE-0114: Inadequate Data Visibility Controls
- MASWE-0115: Inadequate or Ambiguous User Consent Mechanisms
- MASWE-0116: Compiler Provided Security Features Not Used
- MASWE-0117: Inadequate Permission Management
- iOS Anti-Reversing Defenses
- iOS Code Quality and Build Settings
- iOS Cryptographic APIs
- iOS Data Storage
- iOS Local Authentication
- iOS Network Communication
- iOS Platform APIs
¶
- MASTG-TEST-0218: Insecure TLS Protocols in Network Traffic
- MASTG-TEST-0236: Cleartext Traffic Observed on the Network
- MASTG-TEST-0244: Missing Certificate Pinning in Network Traffic
- MASTG-TOOL-0075: Android tcpdump
- MASTG-TOOL-0076: bettercap
- MASTG-TOOL-0077: Burp Suite
- MASTG-TOOL-0078: MITM Relay
- MASTG-TOOL-0079: ZAP
- MASTG-TOOL-0080: tcpdump
- MASTG-TOOL-0081: Wireshark
- MASTG-TOOL-0097: mitmproxy
- MASTG-TOOL-0109: Nope-Proxy
- MASTG-TOOL-0115: HTTP Toolkit
¶
- MASTG-DEMO-0047: Runtime Use of the Keychain Not Requiring User Presence with Frida
- MASTG-DEMO-0048: SSLSocket Connection to Wrong Host Server Allowed by Lack of HostnameVerifier
- MASTG-DEMO-0049: SSLSocket Connection to Wrong Host Server Blocked by HostnameVerifier
- MASTG-TEST-0237: Cross-Platform Framework Configurations Allowing Cleartext Traffic
- MASTG-TEST-0238: Runtime Use of Network APIs Transmitting Cleartext Traffic
- MASTG-TEST-0239: Using low-level APIs (e.g. Socket) to set up a custom HTTP connection
- MASTG-TEST-0255: Permission Requests Not Minimized
- MASTG-TEST-0256: Missing Permission Rationale
- MASTG-TEST-0257: Not Resetting Unused Permissions
- MASTG-TEST-0278: Pasteboard Contents Not Cleared After Use
- MASTG-TEST-0279: Pasteboard Contents Not Expiring
- MASTG-TEST-0280: Pasteboard Contents Not Restricted to Local Device
- MASWE-0002: Sensitive Data Stored With Insufficient Access Restrictions in Internal Locations
- MASWE-0003: Backup Unencrypted
- MASWE-0008: Missing Device Secure Lock Verification Implementation
- MASWE-0010: Weak Cryptographic Key Derivation
- MASWE-0011: Cryptographic Key Rotation Not Implemented
- MASWE-0012: Insecure or Wrong Usage of Cryptographic Key
- MASWE-0015: Deprecated Android KeyStore Implementations
- MASWE-0016: Unsafe Handling of Imported Cryptographic Keys
- MASWE-0017: Cryptographic Keys Not Properly Protected on Export
- MASWE-0018: Cryptographic Keys Access Not Restricted
- MASWE-0021: Weak Hashing
- MASWE-0022: Predictable Initialization Vectors (IVs)
- MASWE-0024: Weak Message Authentication Codes (MAC)
- MASWE-0025: Weak Signature
- MASWE-0026: Improper Verification of Cryptographic Signature
- MASWE-0028: MFA Implementation Best Practices Not Followed
- MASWE-0029: Step-Up Authentication Not Implemented After Login
- MASWE-0030: Re-Authenticates Not Triggered On Contextual State Changes
- MASWE-0031: Insecure use of Android Protected Confirmation
- MASWE-0032: Platform-provided Authentication APIs Not Used
- MASWE-0033: Authentication or Authorization Protocol Security Best Practices Not Followed
- MASWE-0034: Insecure Implementation of Confirm Credentials
- MASWE-0035: Passwordless Authentication Not Implemented
- MASWE-0036: Authentication Material Stored Unencrypted on the Device
- MASWE-0037: Authentication Material Sent over Insecure Connections
- MASWE-0038: Authentication Tokens Not Validated
- MASWE-0039: Shared Web Credentials and Website-association Not Implemented
- MASWE-0040: Insecure Authentication in WebViews
- MASWE-0041: Authentication Enforced Only Locally Instead of on the Server-side
- MASWE-0042: Authorization Enforced Only Locally Instead of on the Server-side
- MASWE-0043: App Custom PIN Not Bound to Platform KeyStore
- MASWE-0044: Biometric Authentication Can Be Bypassed
- MASWE-0045: Fallback to Non-biometric Credentials Allowed for Sensitive Transactions
- MASWE-0046: Crypto Keys Not Invalidated on New Biometric Enrollment
- MASWE-0048: Insecure Machine-to-Machine Communication
- MASWE-0053: Sensitive Data Leaked via the User Interface
- MASWE-0054: Sensitive Data Leaked via Notifications
- MASWE-0055: Sensitive Data Leaked via Screenshots
- MASWE-0056: Tapjacking Attacks
- MASWE-0057: StrandHogg Attack / Task Affinity Vulnerability
- MASWE-0058: Insecure Deep Links
- MASWE-0059: Use Of Unauthenticated Platform IPC
- MASWE-0060: Insecure Use of UIActivity
- MASWE-0061: Insecure Use of App Extensions
- MASWE-0062: Insecure Services
- MASWE-0063: Insecure Broadcast Receivers
- MASWE-0064: Insecure Content Providers
- MASWE-0065: Sensitive Data Permanently Shared with Other Apps
- MASWE-0066: Insecure Intents
- MASWE-0068: JavaScript Bridges in WebViews
- MASWE-0069: WebViews Allows Access to Local Resources
- MASWE-0070: JavaScript Loaded from Untrusted Sources
- MASWE-0071: WebViews Loading Content from Untrusted Sources
- MASWE-0072: Universal XSS
- MASWE-0073: Insecure WebResourceResponse Implementations
- MASWE-0074: Web Content Debugging Enabled
- MASWE-0075: Enforced Updating Not Implemented
- MASWE-0077: Running on a recent Platform Version Not Ensured
- MASWE-0078: Latest Platform Version Not Targeted
- MASWE-0079: Unsafe Handling of Data from the Network
- MASWE-0080: Unsafe Handling of Data from Backups
- MASWE-0081: Unsafe Handling Of Data From External Interfaces
- MASWE-0082: Unsafe Handling of Data From Local Storage
- MASWE-0083: Unsafe Handling of Data From The User Interface
- MASWE-0084: Unsafe Handling of Data from IPC
- MASWE-0085: Unsafe Dynamic Code Loading
- MASWE-0086: SQL Injection
- MASWE-0087: Insecure Parsing and Escaping
- MASWE-0088: Insecure Object Deserialization
- MASWE-0089: Code Obfuscation Not Implemented
- MASWE-0090: Resource Obfuscation Not Implemented
- MASWE-0091: Anti-Deobfuscation Techniques Not Implemented
- MASWE-0092: Static Analysis Tools Not Prevented
- MASWE-0093: Debugging Symbols Not Removed
- MASWE-0094: Non-Production Resources Not Removed
- MASWE-0095: Code That Disables Security Controls Not Removed
- MASWE-0096: Data Sent Unencrypted Over Encrypted Connections
- MASWE-0097: Root/Jailbreak Detection Not Implemented
- MASWE-0098: App Virtualization Environment Detection Not Implemented
- MASWE-0099: Emulator Detection Not Implemented
- MASWE-0100: Device Attestation Not Implemented
- MASWE-0101: Debugger Detection Not Implemented
- MASWE-0102: Dynamic Analysis Tools Detection Not Implemented
- MASWE-0103: RASP Techniques Not Implemented
- MASWE-0104: App Integrity Not Verified
- MASWE-0105: Integrity of App Resources Not Verified
- MASWE-0106: Official Store Verification Not Implemented
- MASWE-0107: Runtime Code Integrity Not Verified
- MASWE-0116: Compiler Provided Security Features Not Used