{"id":15040783,"url":"https://github.com/owasp/owasp-mastg","last_synced_at":"2025-05-14T08:05:17.376Z","repository":{"id":37439887,"uuid":"69648386","full_name":"OWASP/owasp-mastg","owner":"OWASP","description":"The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).","archived":false,"fork":false,"pushed_at":"2025-05-13T10:28:29.000Z","size":740818,"stargazers_count":12200,"open_issues_count":344,"forks_count":2429,"subscribers_count":421,"default_branch":"master","last_synced_at":"2025-05-14T08:04:24.725Z","etag":null,"topics":["android","android-application","compliancy-checklist","dynamic-analysis","hacking","ios","ios-app","mast","mastg","mobile-app","mobile-security","mstg","network-analysis","pentesting","reverse-engineering","reverse-enginnering","runtime-analysis","static-analysis","testing-cryptography"],"latest_commit_sha":null,"homepage":"https://mas.owasp.org/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-sa-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OWASP.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"License.md","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"custom":"https://www.icrc.org/en/donate/ukraine"}},"created_at":"2016-09-30T08:22:29.000Z","updated_at":"2025-05-14T04:43:54.000Z","dependencies_parsed_at":"2023-10-03T17:25:22.645Z","dependency_job_id":"9bcad2ed-b058-4b85-96f0-14816bf21380","html_url":"https://github.com/OWASP/owasp-mastg","commit_stats":null,"previous_names":["owasp/owasp-mstg"],"tags_count":18,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-mastg","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-mastg/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-mastg/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2Fowasp-mastg/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OWASP","download_url":"https://codeload.github.com/OWASP/owasp-mastg/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254101588,"owners_count":22014907,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","android-application","compliancy-checklist","dynamic-analysis","hacking","ios","ios-app","mast","mastg","mobile-app","mobile-security","mstg","network-analysis","pentesting","reverse-engineering","reverse-enginnering","runtime-analysis","static-analysis","testing-cryptography"],"created_at":"2024-09-24T20:45:03.621Z","updated_at":"2025-05-14T08:05:12.364Z","avatar_url":"https://github.com/OWASP.png","language":"Python","funding_links":["https://www.icrc.org/en/donate/ukraine"],"categories":[],"sub_categories":[],"readme":"\u003cimg width=\"180px\" align=\"right\" style=\"float: right;\" src=\"cover.png\"\u003e\n\n# OWASP Mobile Application Security Testing Guide (MASTG)\n\n[![OWASP Flagship](https://img.shields.io/badge/owasp-flagship%20project-48A646.svg)](https://owasp.org/projects/)\n[![Creative Commons License](https://img.shields.io/github/license/OWASP/owasp-mastg)](https://creativecommons.org/licenses/by-sa/4.0/ \"CC BY-SA 4.0\")\n\n[![Document Build](https://github.com/OWASP/owasp-mastg/workflows/Documents%20Build/badge.svg)](https://github.com/OWASP/owasp-mastg/actions?query=workflow%3A%22Document+Build%22)\n[![Markdown Linter](https://github.com/OWASP/owasp-mastg/workflows/Markdown%20Linter/badge.svg)](https://github.com/OWASP/owasp-mastg/actions?query=workflow%3A%22Markdown+Linter%22)\n[![URL Checker](https://github.com/OWASP/owasp-mastg/workflows/URL%20Checker/badge.svg)](https://github.com/OWASP/owasp-mastg/actions?query=workflow%3A%22URL+Checker%22)\n\nThis is the official GitHub Repository of the OWASP Mobile Application Security Testing Guide (MASTG). The MASTG is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the [OWASP Mobile Application Verification Standard (MASVS)](https://github.com/OWASP/owasp-masvs \"MASVS\").\n\n\u003cbr\u003e\n\n\u003ccenter\u003e\n\u003ca href=\"https://mas.owasp.org/MASTG/\"\u003e\n\u003cimg width=\"250px\" src=\"Document/Images/open_website.png\"/\u003e\n\u003c/a\u003e\n\u003c/center\u003e\n\n\u003cbr\u003e\n\n- ⬇️ [Download the latest PDF](https://github.com/OWASP/owasp-mastg/releases/latest)\n- ✅ [Get the latest Mobile App Security Checklists](https://github.com/OWASP/owasp-mastg/releases/latest)\n- ⚡ [Contribute!](https://mas.owasp.org/contributing)\n- 💥 [Play with our Crackmes](https://mas.owasp.org/crackmes)\n\n\u003cbr\u003e\n\n## Trusted by\n\nThe OWASP MASVS and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. [Learn more](https://mas.owasp.org/MASTG/0x02b-MASVS-MASTG-Adoption/).\n\n\u003ca href=\"https://mas.owasp.org/MASTG/0x02b-MASVS-MASTG-Adoption/\"\u003e\n\u003cimg src=\"Document/Images/Other/trusted-by-logos.png\"/\u003e\n\u003c/a\u003e\n\n\u003cbr\u003e\n\n## 🥇 MAS Advocates\n\nMAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. [Learn more](https://mas.owasp.org/MASTG/0x02c-Acknowledgements).\n\n\u003cbr\u003e\n\n\u003ca href=\"https://mas.owasp.org/MASTG/0x02c-Acknowledgements#our-mastg-advocates\"\u003e\n\u003cimg src=\"Document/Images/Other/nowsecure-logo.png\" width=\"200px;\" /\u003e\n\u003c/a\u003e\n\n\u003cbr\u003e\u003cbr\u003e\n\n## Connect with Us\n\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OWASP/owasp-mastg/discussions\"\u003e\u003cimg src=\"Document/Images/GitHub_logo.png\" width=\"14px\"\u003e GitHub Discussions\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://owasp.slack.com/archives/C1M6ZVC6S\"\u003e\u003cimg src=\"Document/Images/slack_logo.png\" width=\"14px\"\u003e  #project-mobile-app-security\u003c/a\u003e (\u003ca href=\"https://owasp.slack.com/join/shared_invite/zt-g398htpy-AZ40HOM1WUOZguJKbblqkw#//\"\u003eGet Invitation\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://twitter.com/OWASP_MAS\"\u003e\u003cimg src=\"Document/Images/twitter_logo.png\" width=\"14px\"\u003e @OWASP_MAS \u003c/a\u003e (Official Account)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://twitter.com/bsd_daemon\"\u003e\u003cimg src=\"Document/Images/twitter_logo.png\" width=\"14px\"\u003e @bsd_daemon \u003c/a\u003e (Sven Schleier, Project Lead) \u003ca href=\"https://twitter.com/grepharder\"\u003e\u003cimg src=\"Document/Images/twitter_logo.png\" width=\"14px\"\u003e @grepharder \u003c/a\u003e (Carlos Holguera, Project Lead)\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cbr\u003e\n\n## Other Formats\n\n- Get the [printed version via lulu.com](https://www.lulu.com/shop/jeroen-willemsen-and-sven-schleier-and-bernhard-müller-and-carlos-holguera/owasp-mobile-security-testing-guide/paperback/product-1kw4dp4k.html)\n- Get the [e-book on leanpub.com](https://leanpub.com/owasp-mastg) (please consider purchasing it to support our project or [make a donation](https://mas.owasp.org/donate/#make-your-donation))\n- Check our [Document generation scripts](src/pandocker/README.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fowasp%2Fowasp-mastg","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fowasp%2Fowasp-mastg","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fowasp%2Fowasp-mastg/lists"}