OWASP / mastg

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

12,727 stars

2,673 forks

250 issues

PythonShell

Chat with Codebase Architecture Scan Security Audit Explain Codebase

AI Architecture Analysis

This repository is indexed by RepoMind. By analyzing OWASP/mastg in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.

Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.

Click here to launch the interactive analysis workspace

Embed this Badge

Showcase RepoMind's analysis directly in your repository's README.

[![Analyzed by RepoMind](https://img.shields.io/badge/Analyzed%20by-RepoMind-4F46E5?style=for-the-badge)](https://repomind-ai.vercel.app/repo/OWASP/mastg)

Preview:

Analyzed by RepoMind

Repository Summary (README)

Preview

<img width="180px" align="right" style="float: right;" src="cover.png">

OWASP Mobile Application Security Testing Guide (MASTG)

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the controls listed in the OWASP Mobile Application Verification Standard (MASVS).

OWASP MAS: OWASP MASVS ➡ OWASP MASWE ➡ OWASP MASTG

<br> <center> <a href="https://mas.owasp.org/MASTG/"> <img width="250px" src="Document/Images/open_website.png"/> </a> </center> <br>

🌐 Access the MASTG Web
✅ Get the latest Mobile App Security Checklists
⚡ Contribute!
💥 Play with our Crackmes
📞 Contact Us

<br>

Trusted by

The OWASP MASVS, MASWE and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. Learn more.

<a href="https://mas.owasp.org/MASTG/0x02b-MASVS-MASTG-Adoption/"> <img src="Document/Images/Other/trusted-by-logos.png"/> </a> <br>

🥇 MAS Advocates

MAS Advocates are industry adopters of the OWASP MASVS, MASWE and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word. Learn more.

<br> <a href="https://mas.owasp.org/MASTG/0x02c-Acknowledgements#our-mastg-advocates"> <img src="Document/Images/Other/nowsecure-logo.png" width="200px;" /> <img src="Document/Images/Other/guardsquare-logo.png" width="200px;" /> </a> <br>