{"id":13474460,"url":"https://github.com/OWASP/owasp-masvs","last_synced_at":"2025-03-26T21:31:34.624Z","repository":{"id":37934397,"uuid":"67674352","full_name":"OWASP/owasp-masvs","owner":"OWASP","description":"The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.","archived":false,"fork":false,"pushed_at":"2024-09-04T10:26:49.000Z","size":114920,"stargazers_count":2125,"open_issues_count":1,"forks_count":469,"subscribers_count":99,"default_branch":"master","last_synced_at":"2025-03-20T18:11:15.272Z","etag":null,"topics":["android-app","audit","gitbook","ios-app","mastg","masvs","mobile","mstg","owasp","penetration-testing","penetration-tests","security","security-audit","security-standards","standard","verification"],"latest_commit_sha":null,"homepage":"https://mas.owasp.org/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-sa-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OWASP.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"License.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":"https://www.icrc.org/en/donate/ukraine"}},"created_at":"2016-09-08T06:17:30.000Z","updated_at":"2025-03-18T15:17:49.000Z","dependencies_parsed_at":"2023-02-17T23:15:36.349Z","dependency_job_id":"9abec4cd-a7c6-4d61-a20f-6a4b7e4aea44","html_url":"https://github.com/OWASP/owasp-masvs","commit_stats":null,"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-masvs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-masvs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-masvs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-masvs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OWASP","download_url":"https://codeload.github.com/OWASP/owasp-masvs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245738663,"owners_count":20664324,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android-app","audit","gitbook","ios-app","mastg","masvs","mobile","mstg","owasp","penetration-testing","penetration-tests","security","security-audit","security-standards","standard","verification"],"created_at":"2024-07-31T16:01:12.517Z","updated_at":"2025-03-26T21:31:34.147Z","avatar_url":"https://github.com/OWASP.png","language":"Python","funding_links":["https://www.icrc.org/en/donate/ukraine"],"categories":["Python","Checklists \u0026 Cheatsheets","TeX (14)","TeX","Cybersecurity and Cryptography","Mobile security standards","OWASP Standards and Guides"],"sub_categories":["SSL Pinning Bypass Articles","ColdFusion"],"readme":"\u003cimg width=\"180px\" align=\"right\" style=\"float: right;\" src=\"cover.png\"\u003e\n\n# OWASP Mobile Application Security Verification Standard (MASVS)\n\n[![OWASP Flagship](https://img.shields.io/badge/owasp-flagship%20project-48A646.svg)](https://owasp.org/projects/)\n[![Creative Commons License](https://img.shields.io/github/license/OWASP/owasp-masvs)](https://creativecommons.org/licenses/by-sa/4.0/ \"CC BY-SA 4.0\")\n\n[![MASVS Build](https://github.com/OWASP/owasp-masvs/workflows/MASVS%20Build/badge.svg)](https://github.com/OWASP/owasp-masvs/actions/workflows/docgenerator.yml)\n[![Markdown Linter](https://github.com/OWASP/owasp-masvs/workflows/Markdown%20Linter/badge.svg)](https://github.com/OWASP/owasp-masvs/actions/workflows/markdown-linter.yml)\n[![URL Checker](https://github.com/OWASP/owasp-masvs/workflows/URL%20Checker/badge.svg)](https://github.com/OWASP/owasp-masvs/actions/workflows/url-checker.yml)\n\nThis is the official Github Repository of the OWASP Mobile Application Security Verification Standard (MASVS). The MASVS establishes baseline security requirements for mobile apps that are useful in many scenarios. You can use it:\n\n- As a metric - To provide a security standard against which existing mobile apps can be compared by developers and application owners.\n- As guidance - To provide guidance during all phases of mobile app development and testing.\n- During procurement - To provide a baseline for mobile app security verification.\n\nThe MASVS is a sister project of the [OWASP Mobile Application Security Testing Guide](https://github.com/OWASP/owasp-mastg \"OWASP Mobile Application Security Testing Guide\").\n\n\u003cbr\u003e\n\n\u003ccenter\u003e\n\u003ca href=\"https://mas.owasp.org/MASVS\"\u003e\n\u003cimg width=\"250px\" src=\"Document/images/open_website.png\"/\u003e\n\u003c/a\u003e\n\u003c/center\u003e\n\n\u003cbr\u003e\n\n- ⬇️ [Download the latest PDF](https://github.com/OWASP/owasp-masvs/releases/latest)\n- ✅ [Get the latest Mobile App Security Checklists](https://github.com/OWASP/owasp-mastg/releases/latest)\n- ⚡ [Contribute!](#how-to-contribute)\n- 💥 [Play with our Crackmes](https://mas.owasp.org/crackmes)\n\n## Trusted by ...\n\nThe OWASP MASVS and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. [Learn more](https://mas.owasp.org/MASTG/0x02b-MASVS-MASTG-Adoption/).\n\n\u003ca href=\"https://mas.owasp.org/MASTG/0x02b-MASVS-MASTG-Adoption/\"\u003e\n\u003cimg src=\"https://github.com/OWASP/owasp-mastg/blob/master/Document/Images/Other/trusted-by-logos.png\"/\u003e\n\u003c/a\u003e\n\n## 🥇 MAS Advocates\n\nMAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. [Learn more](https://mas.owasp.org/MASTG/0x02c-Acknowledgements).\n\n\u003cbr\u003e\n\n\u003ca href=\"https://mas.owasp.org/MASTG/0x02c-Acknowledgements#our-mastg-advocates\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/OWASP/owasp-mastg/master/Document/Images/Other/nowsecure-logo.png\" width=\"200px;\" /\u003e\n\u003c/a\u003e\n\n\u003cbr\u003e\u003cbr\u003e\n\n## Connect with Us\n\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-masvs/discussions\"\u003e\u003cimg src=\"Document/images/GitHub_logo.png\" width=\"14px\"\u003e GitHub Discussions\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://owasp.slack.com/archives/C1M6ZVC6S\"\u003e\u003cimg src=\"Document/Images/slack_logo.png\" width=\"14px\"\u003e  #project-mobile-app-security\u003c/a\u003e (\u003ca href=\"https://owasp.slack.com/join/shared_invite/zt-g398htpy-AZ40HOM1WUOZguJKbblqkw#//\"\u003eGet Invitation\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://twitter.com/OWASP_MAS\"\u003e\u003cimg src=\"Document/images/twitter_logo.png\" width=\"14px\"\u003e @OWASP_MAS \u003c/a\u003e (Official Account)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://twitter.com/bsd_daemon\"\u003e\u003cimg src=\"Document/images/twitter_logo.png\" width=\"14px\"\u003e @bsd_daemon \u003c/a\u003e (Sven Schleier, Project Lead) \u003ca href=\"https://twitter.com/grepharder\"\u003e\u003cimg src=\"Document/images/twitter_logo.png\" width=\"14px\"\u003e @grepharder \u003c/a\u003e (Carlos Holguera, Project Lead)\u003c/li\u003e\n\u003c/ul\u003e\n\n## How to Contribute\n\nThe MASVS is an open source effort and we welcome all kinds of contributions and feedback.\n\n**Help us improve \u0026 join our community:**\n\n- 🐞 [Report an error (typos, grammar)](https://github.com/OWASP/owasp-masvs/issues) or [fix it on a Pull Request](https://github.com/OWASP/owasp-masvs/pulls).\n- 💬 [Give feedback](https://github.com/OWASP/owasp-masvs/discussions/categories/general).\n- 🙏 [Ask questions](https://github.com/OWASP/owasp-masvs/discussions/categories/q-a)\n\n**Contribute with content:**\n\n- 💡 [Propose ideas or suggest improvements](https://github.com/OWASP/owasp-masvs/discussions/categories/ideas) (if it qualifies we'll promote it to an [Issue](https://github.com/OWASP/owasp-masvs/issues \"Github issues\"))\n- 📄 [Create a Pull Request](https://github.com/OWASP/owasp-masvs/pulls) for concrete fixes (e.g. grammar/typos) or content already approved by the core team.\n\nBefore you start contributing, please check our [contribution guide](https://mas.owasp.org/contributing/) which should get you started. If you have any doubts [please contact us](#connect-with-us).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOWASP%2Fowasp-masvs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FOWASP%2Fowasp-masvs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOWASP%2Fowasp-masvs/lists"}