Table of Contents¶
- V1: Architecture, Design and Threat Modeling Requirements
- V2: Data Storage and Privacy Requirements
- V3: Cryptography Requirements
- V4: Authentication and Session Management Requirements
- V5: Network Communication Requirements
- V6: Environmental Interaction Requirements
- V7: Code Quality and Build Setting Requirements
- V8: Resiliency Against Reverse Engineering Requirements
The objective of this index is to help OWASP Mobile Application Security Verification Standard (MASVS) users clearly identify which cheat sheets are useful for each section during their usage of the MASVS.
This index is based on the version 1.x.x of the MASVS.
V1: Architecture, Design and Threat Modeling Requirements¶
Attack Surface Analysis Cheat Sheet.
V2: Data Storage and Privacy Requirements¶
User Privacy Protection Cheat Sheet.
V3: Cryptography Requirements¶
Cryptographic Storage Cheat Sheet.
V4: Authentication and Session Management Requirements¶
Session Management Cheat Sheet.
Transaction Authorization Cheat Sheet.
JSON Web Token Cheat Sheet for Java.
Credential Stuffing Prevention Cheat Sheet.
V5: Network Communication Requirements¶
Transport Layer Protection Cheat Sheet.
TLS Cipher String Cheat Sheet.
HTTP Strict Transport Security Cheat Sheet.
Web Service Security Cheat Sheet.
V6: Environmental Interaction Requirements¶
V7: Code Quality and Build Setting Requirements¶
Vulnerable Dependency Management Cheat Sheet.
Insecure Direct Object Reference Prevention Cheat Sheet.
Injection Prevention Cheat Sheet.
Injection Prevention Cheat Sheet in Java.
OS Command Injection Defense Cheat Sheet.
Query Parameterization Cheat Sheet.
SQL Injection Prevention Cheat Sheet.
V8: Resiliency Against Reverse Engineering Requirements¶