Browse files


  • Loading branch information...
b66l committed Dec 29, 2016
1 parent 19e2fdb commit a9629077e0d7990b82775437e2ce96934da0eba4
Showing with 16 additions and 1 deletion.
  1. +16 −1 oasam-auth-authentication/
@@ -1 +1,16 @@
#OASAM-AUTH: Authentication
In this section, functionalities related with the use of logins through the application will be checked. Note that vulnerability cases will be searched within the Android application. If the authentication is carried out against a thirdparty (WebService, REST service, etc.), the third-party security will not be assessed, only the weaknesses related with the Android application itself.
The following controls are applied in this section:
**OASAM-AUTH-001**: Login methods!!!!!!!! / PENDING.
**OASAM-AUTH-002**: Default Users and Passwords.List of default users and passwords stored by the application.
**OASAM-AUTH-003**: Weak Password Policy. Weaknesses related with the password robust policies.
**OASAM-AUTH-004**: Remember Credentials Functionality. Weaknesses related with credential storage through the remember functions.

0 comments on commit a962907

Please sign in to comment.