OWASP Mobile Application Security Testing Guide
About the Book
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
The MASTG is the result of an open, crowd-sourced effort, built from the contributions of dozens of authors and reviewers from all over the world.
Note that the GitHub repository is regularly updated with new content, while the e-book is not updated automatically. All funds raised through sales of this book go directly to OWASP and to fund production of future releases, including:
- Editing and proofreading by professional editors for new content of the Mobile Application Security Testing Guide (MASTG) and Mobile Application Security Verification Standard (MASVS)
- Graphic design and layout
Visit our GitHub repository for feedback, questions, or to contribute:
https://github.com/OWASP/owasp-mastg
Table of Contents
Foreword
Frontispiece
Introduction to the Mobile Security Testing Guide
Key Areas in Mobile Application Security
The OWASP Mobile AppSec Verification Standard
Navigating the Mobile Security Testing Guide
General Testing Guide
Mobile App Taxonomy
Mobile App Security Testing
Tampering and Reverse Engineering
Mobile App Authentication Architectures
Testing Network Communication
Cryptography in Mobile Apps
Testing Code Quality
Testing Application Security on Android
Android Platform Overview
Setting up a Testing Environment for Android Apps
Data Storage on Android
Android Cryptography APIs
Local Authentication in Android Apps
Android Network APIs
Android Platform APIs
Code Quality and Build Settings of Android Apps
Tampering and Reverse Engineering on Android
Android Anti-Reversing Defenses
Testing Application Security on iOS
iOS Platform Overview
Setting up a Testing Environment for iOS Apps
Data Storage on iOS
iOS Cryptography APIs
Local Authentication in iOS Apps
iOS Network APIs
iOS Platform APIs
Code Quality and Build Settings of iOS Apps
Tampering and Reverse Engineering on iOS
iOS Anti-Reversing Defenses
Appendix
Testing Tools
Suggested Reading