Skip to content

MASVS Index

Table of Contents

Objective

The objective of this index is to help OWASP Mobile Application Security Verification Standard (MASVS) users clearly identify which cheat sheets are useful for each section during their usage of the MASVS.

This index is based on version 2.1.0 of the MASVS.

MASVS-STORAGE

Password Storage Cheat Sheet

Logging Cheat Sheet

Cryptographic Storage Cheat Sheet

Secrets Management Cheat Sheet

MASVS-CRYPTO

Cryptographic Storage Cheat Sheet

Key Management Cheat Sheet

MASVS-AUTH

Authentication Cheat Sheet

Authorization Cheat Sheet

Session Management Cheat Sheet

Transaction Authorization Cheat Sheet

Access Control Cheat Sheet

JSON Web Token Cheat Sheet for Java

Credential Stuffing Prevention Cheat Sheet

MASVS-NETWORK

Transport Layer Security Cheat Sheet

HTTP Strict Transport Security Cheat Sheet

REST Security Cheat Sheet

Web Service Security Cheat Sheet

Pinning Cheat Sheet

MASVS-PLATFORM

Attack Surface Analysis Cheat Sheet

MASVS-CODE

Vulnerable Dependency Management Cheat Sheet

Error Handling Cheat Sheet

Deserialization Cheat Sheet

Logging Cheat Sheet

Insecure Direct Object Reference Prevention Cheat Sheet

Input Validation Cheat Sheet

Injection Prevention Cheat Sheet

Injection Prevention Cheat Sheet in Java

OS Command Injection Defense Cheat Sheet

Query Parameterization Cheat Sheet

SQL Injection Prevention Cheat Sheet

XXE Prevention Cheat Sheet

XML Security Cheat Sheet

MASVS-RESILIENCE

Threat Modeling Cheat Sheet

Abuse Case Cheat Sheet

Attack Surface Analysis Cheat Sheet

Mobile Application Security Cheat Sheet

MASVS-PRIVACY

User Privacy Protection Cheat Sheet