OWASP mobile security

OWASP mobile image

The OWASP Mobile Security Project is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications. Through the project, our goal is to classify mobile security risks and provide developmental controls to reduce their impact or likelihood of exploitation. The project is a breading ground for many different mobile security projects within OWASP. Right now, you can find the following active OWASP mobile security projects:

Project / deliverable More info Current leaders Description
Android CK project Project
Page
Florian Pradines A python tool to help in forensics analysis on android.
Damn Vulnerable iOS Application Project
Page
Prateek Gianchandani An iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment.
iGoat Tool Project Project
Page
Swaroop Yermalkar A learning tool for iOS developers (iPhone, iPad, etc.). It was inspired by the WebGoat project, and has a similar conceptual flow to it.
Mobile Application Security Verification Standard Project
Page
Sven Schleier
Jeroen Willemsen
Carlos Holguera
A standard for mobile app security which outlines the security requirements of a mobile application.
Mobile Security Checklist Project
Page
Sven Schleier
Jeroen Willemsen
Carlos Holguera
A checklist which allows easy mapping and scoring of the requirements from the Mobile Application Security Verification Standard based on the Mobile Security Testing Guide.
Mobile Security Testing Guide Project
Page
Sven Schleier
Jeroen Willemsen
Carlos Holguera
A comprehensive manual for mobile app security testing and reverse engineering for iOS and Android mobile security testers as well as developers.
Mobile Top Ten Project
Page
Jason Haddix
Daniel Miessler
Jonathan Carter
Milan Singh Thakur
The OWASP Mobile Security top 10 is created to raise awareness for the current mobile security issues.
MSTG Hacking Playground Project
Page
Sven Schleier
Jeroen Willemsen
Carlos Holguera
A hacking playground with various vulnerable mobile apps for Android and iOS.
Seraphimdroid Project
Page
Nikola Milosevic
Kartik Kholi
A privacy and security protection app for Android devices.

Not what you are looking for? Please have a look at the Mobile Security Page Archive.

Want to start a new mobile security project? Follow https://www.owasp.org/index.php/Category:OWASP_Project#Starting_a_New_Project or contact one of the leaders of the active projects.


Acknowledgements

The OWASP Mobile Security project has a long history. It has been a source for many projects their predecessors as is clearly visible in the archive.

Former Leaders

Jonathan Carter Milan Singh Thakur Mike Zusman Tony DeLaGrange Sarath Geethakumar Tom Eston Don Williams Jason Haddix

Top Contributors

Zach Lanier Ludovic Petit Swapnil Deshmukh Beau Woods David Martin Aaron Luca De Fulgentis Andrew Pannell Stephanie V