Switch branches/tags
Nothing to show
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


#OASAM-AUTH: Authentication

In this section, functionalities related with the use of logins through the application will be checked. Note that vulnerability cases will be searched within the Android application. If the authentication is carried out against a thirdparty (WebService, REST service, etc.), the third-party security will not be assessed, only the weaknesses related with the Android application itself.

The following controls are applied in this section:

OASAM-AUTH-001: Login methods!!!!!!!! / PENDING.

OASAM-AUTH-002: Default Users and Passwords.List of default users and passwords stored by the application.

OASAM-AUTH-003: Weak Password Policy. Weaknesses related with the password robust policies.

OASAM-AUTH-004: Remember Credentials Functionality. Weaknesses related with credential storage through the remember functions.