Skip to content

Kobes/owasp-masvs

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,017 Commits

Document-de

Document-de

 
 

Document-es

Document-es

 
 

Document-fr

Document-fr

 
 

Document-ja

Document-ja

 
 

Document-ru

Document-ru

 
 

Document-zhtw

Document-zhtw

 
 

Document

Document

 
 

generated

generated

 
 

tools

tools

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LANGS.md

LANGS.md

 
 

License.md

License.md

 
 

README.md

README.md

 
 

book.json

book.json

 
 

package-lock.json

package-lock.json

 
 

Repository files navigation

OWASP Mobile Application Security Verification Standard Twitter Follow

Creative Commons License OWASP Labs Build Status

This is the official Github Repository of the OWASP Mobile Application Security Verification Standard (MASVS). The MASVS establishes baseline security requirements for mobile apps that are useful in many scenarios, including:

  • In the SDLC - to establish security requirements to be followed by solution architects and developers;
  • In mobile app penetration tests - to ensure completeness and consistency in mobile app penetration tests;
  • In procurement - as a measuring stick for mobile app security, e.g. in form of questionnaire for vendors;
  • Et cetera.

The MASVS is a sister project of the OWASP Mobile Security Testing Guide.

Getting the MASVS

PDF/Mobi/Epub/Docx downloads are available on the Releases page. The current release is MASVS version 1.1. The MASVS is also available in different languages:

Gitbook

Read it on Gitbook. The book is automatically synchronized with the main repo.

Create new PDF, Epub or Mobi

Clone the repository and run the gitbook generator. This produces PDF, Epub and Mobi files in the "Generated" subdirectory.

$ git clone https://github.com/OWASP/owasp-masvs/
$ cd owasp-masvs/Tools/
$ ./gitbookandpdf.sh LATEST

Create Word documents

Clone the repository and run the document generator (requires pandoc). This produces docx and HTML files in the "Generated" subdirectory.

$ git clone https://github.com/OWASP/owasp-masvs/
$ cd owasp-mstg/Tools/
$ ./generate_document.sh

Exporting to JSON, XML and CSV

The repository contains a Python tool for converting the requirements into various formats. Clone the repo and run export.py from the repository root.

export.py [-h] [--format {json,xml,csv}]

Suggestions and Feedback

To report and error or suggest an improvement, please create an issue or create a Pull Request.

How to Contribute

The MASVS is an open source effort and we welcome contributions and feedback. If you want to contribute additional content, or improve existing content, we suggest that you first contact us on the OWASP MSTG Slack channel:

https://owasp.slack.com/messages/project-mobile_omtg/details/

You can sign up here:

https://owaspslack.com/

To add or edit content, simply fork the repository and make your changes, then create a pull request when you are finished. We'll review the changes before we merge them with the master branch in the main repo. In case there's conflicting opinions, we'll create an issue for discussing the changes.

Read Individual Sections of the MASVS Here

About

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide

Resources

Readme

License

CC-BY-SA-4.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

14 tags

Packages

No packages published

Languages

  • Shell 63.0%
  • Python 37.0%