Skip to content

insideapp-oss/mobile-application-security-rules

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

.github/workflows

.github/workflows

 
 

rules

rules

 
 

tests

tests

 
 

.semgrepignore

.semgrepignore

 
 

README.md

README.md

 
 

Repository files navigation

Mobile Application Security Rules

This project is a compilation of semgrep rules based on the OWASP (MASTG) for mobile applications.

semgrep is an open source static analysis tool utilized for identifying specific patterns within the target source code, without uploading it anywhere.

Usage

cd mobile-application-security-rules
semgrep scan --config rules/ path/to/your/code

Status

The rules are implemented for both native iOS (Swift) and Android (Java, Kotlin), because they represent the majority of the usages. All OWASP MASTG rules are not covered at the moment and some cannot be implemented.

Contributing

The contribution to this project is totally open.

How to run tests

# globally
semgrep scan --test --config rules tests
# atomically
semgrep scan --test --config rules/path/to/rule.yml tests/path/to/rule.ext

About

A collection of Semgrep rules inspired from the OWASP MASTG specifically for mobile applications

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages