https://github.com/OWASP/masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
https://github.com/OWASP/masvs

android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification

Last synced: 3 months ago
JSON representation

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

• Host: GitHub
• URL: https://github.com/OWASP/masvs
• Owner: OWASP
• License: cc-by-sa-4.0
• Created: 2016-09-08T06:17:30.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2025-07-14T08:51:18.000Z (3 months ago)
• Last Synced: 2025-07-14T11:37:42.477Z (3 months ago)
• Topics: android-app, audit, gitbook, ios-app, mastg, masvs, mobile, mstg, owasp, penetration-testing, penetration-tests, security, security-audit, security-standards, standard, verification
• Language: Python
• Homepage: https://mas.owasp.org/
• Size: 110 MB
• Stars: 2,194
• Watchers: 102
• Forks: 495
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: CONTRIBUTING.md
  • Funding: .github/FUNDING.yml
  • License: License.md
  • Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

          


# OWASP Mobile Application Security Verification Standard (MASVS)

[![OWASP Flagship](https://img.shields.io/badge/owasp-flagship%20project-48A646.svg)](https://owasp.org/projects/)

[![Creative Commons License](https://img.shields.io/github/license/OWASP/masvs)](https://creativecommons.org/licenses/by-sa/4.0/ "CC BY-SA 4.0")

[![MASVS Build](https://github.com/OWASP/masvs/workflows/MASVS%20Build/badge.svg)](https://github.com/OWASP/masvs/actions/workflows/docgenerator.yml)

[![Markdown Linter](https://github.com/OWASP/masvs/workflows/Markdown%20Linter/badge.svg)](https://github.com/OWASP/masvs/actions/workflows/markdown-linter.yml)

[![URL Checker](https://github.com/OWASP/masvs/workflows/URL%20Checker/badge.svg)](https://github.com/OWASP/masvs/actions/workflows/url-checker.yml)

The **OWASP Mobile Application Security Verification Standard (MASVS)** establishes baseline security and privacy requirements for mobile apps that are broken down in the the [OWASP Mobile Security Weakness Enumeration (MASWE)](https://github.com/OWASP/maswe) and tested in the [OWASP Mobile Application Security Testing Guide](https://github.com/OWASP/mastg). You can use it:

- As a metric - To provide a security standard against which existing mobile apps can be compared by developers and application owners.

- As guidance - To provide guidance during all phases of mobile app development and testing.

- During procurement - To provide a baseline for mobile app security verification.

> [OWASP MAS](https://mas.owasp.org): [OWASP MASVS](https://mas.owasp.org/MASVS) ➡ [OWASP MASWE](https://mas.owasp.org/MASWE) ➡ [OWASP MASTG](https://mas.owasp.org/MASTG)













- 🌐 [Access the MASVS Web](https://mas.owasp.org/MASVS/)

- ⬇️ [Download the latest PDF](https://github.com/OWASP/masvs/releases/latest)

- ✅ [Get the latest Mobile App Security Checklists](https://github.com/OWASP/mastg/releases/latest)

- ⚡ [Contribute!](https://mas.owasp.org/contributing)

- 💥 [Play with our Crackmes](https://mas.owasp.org/crackmes)

- 📞 [Contact Us](https://mas.owasp.org/contact)

## Trusted by

The OWASP MASVS, MASWE and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. [Learn more](https://mas.owasp.org/MASTG/0x02b-MASVS-MASTG-Adoption/).







## 🥇 MAS Advocates

MAS Advocates are industry adopters of the OWASP MASVS, MASWE and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. [Learn more](https://mas.owasp.org/MASTG/0x02c-Acknowledgements).