Skip to content

Latest commit

 

History

History
107 lines (58 loc) · 4.36 KB

IndexMASVS.md

File metadata and controls

107 lines (58 loc) · 4.36 KB
Raw

MASVS Index

Table of Contents

Objective

The objective of this index is to help OWASP Mobile Application Security Verification Standard (MASVS) users clearly identify which cheat sheets are useful for each section during their usage of the MASVS.

This index is based on the version 1.x.x of the MASVS.

V1: Architecture, Design and Threat Modeling Requirements

Threat Modeling Cheat Sheet.

Abuse Case Cheat Sheet.

Attack Surface Analysis Cheat Sheet.

V2: Data Storage and Privacy Requirements

Password Storage Cheat Sheet.

Abuse Case Cheat Sheet.

User Privacy Protection Cheat Sheet.

Logging Cheat Sheet.

V3: Cryptography Requirements

Cryptographic Storage Cheat Sheet.

Key Management Cheat Sheet.

V4: Authentication and Session Management Requirements

Authentication Cheat Sheet.

Authorization Cheat Sheet.

Session Management Cheat Sheet.

Transaction Authorization Cheat Sheet.

Access Control Cheat Sheet.

JSON Web Token Cheat Sheet for Java.

Credential Stuffing Prevention Cheat Sheet.

V5: Network Communication Requirements

Transport Layer Protection Cheat Sheet.

TLS Cipher String Cheat Sheet.

HTTP Strict Transport Security Cheat Sheet.

REST Security Cheat Sheet.

Web Service Security Cheat Sheet.

V6: Environmental Interaction Requirements

None.

V7: Code Quality and Build Setting Requirements

Vulnerable Dependency Management Cheat Sheet.

Error Handling Cheat Sheet.

Deserialization Cheat Sheet.

Logging Cheat Sheet.

Insecure Direct Object Reference Prevention Cheat Sheet.

Input Validation Cheat Sheet.

Injection Prevention Cheat Sheet.

Injection Prevention Cheat Sheet in Java.

OS Command Injection Defense Cheat Sheet.

Query Parameterization Cheat Sheet.

SQL Injection Prevention Cheat Sheet.

XXE Prevention Cheat Sheet.

XML Security Cheat Sheet.

V8: Resiliency Against Reverse Engineering Requirements

None.