You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Dynamic test that uses Frida e.g. via objection via MASTG-TECH-0012 to "try to bypass" pinning. This will reveal what mechanisms are actually in place. This helps confirm how/where pinning is implemented and then be able to statically analyze those locations.
The remaining tests according to the sections we defined in 0x05g need to be added
Test 1
Static test for the custom Trust Manager case. Does the app use this approach and if it does, is it correct? For example: uses a Trust Manager that does nothing and therefore trusts everything.
Test 2
Dynamic test that uses Frida e.g. via objection via MASTG-TECH-0012 to "try to bypass" pinning. This will reveal what mechanisms are actually in place. This helps confirm how/where pinning is implemented and then be able to statically analyze those locations.
There are caveats of course as the original test indicates but it's useful.
(Followup to #3035)
The text was updated successfully, but these errors were encountered: