owasp-mstg VS smali

Compare owasp-mstg vs smali and see what are their differences.

owasp-mstg

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering. (by julepka)
Suggest topics
Source Code
owasp.org
Suggest alternative
Edit details

smali

smali/baksmali (by JesusFreke)
Suggest topics
Source Code
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
owasp-mstg smali
1 5
1 6,205
- -
10.0 0.0
almost 2 years ago 4 months ago
Java
Creative Commons Attribution Share Alike 4.0 -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

owasp-mstg

Posts with mentions or reviews of owasp-mstg. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-03.
  • Google Play rolls out an "Independent security review" badge for apps
    2 projects | news.ycombinator.com | 3 Nov 2023
    I found a more detailed explanation of it: https://github.com/julepka/owasp-mstg/blob/master/Document/0...

    > Generally, you should provide compiled code with as little explanation as possible. Some metadata, such as debugging information, line numbers, and descriptive function or method names, make the binary or bytecode easier for the reverse engineer to understand, but these aren't needed in a release build and can therefore be safely omitted without impacting the app's functionality.

    I'm not a big fan of the reasoning, as it's security through obscurity. Which is not the worst tradeoff, but these days it just makes public bug bounties (and other public auditing) end up being less of an interesting prospect for improving security.

smali

Posts with mentions or reviews of smali. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-07-03.
  • I want to learn how to mod/crack apps like Balatan and other good modders. Where can I find guide to learn this?
    1 project | /r/moddedandroidapps | 27 May 2022
    In the past I've used 2 different methods. First was simply modifying the smali code to change values to what I want. For instance, instead of saving media to the internal SD card, I would save it to the external (for a 4WD GPS), or change the maximum amount of downloads from 10000 to 1000000.
  • SMALI, What's That?
    1 project | dev.to | 16 Sep 2021
    If you access the smali github wiki, you will find this definition:
  • Possivile violazione della licenza Apache 2.0 e MIT nell'applicazione CieID
    8 projects | /r/ItalyInformatica | 3 Jul 2021
  • [Tutorial] How to modify APK files for premium features
    3 projects | /r/ApksApps | 30 Jun 2021
    Next we need to decode/decompile the APK. So navigate to where you downloaded the APK and using Apktool decode Smart Audiobook Player using the decode argument. So our command will be apktool decode ak.alizandro.smartaudiobookplayer_2021-06-06.apk It will make a folder called ak.alizandro.smartaudiobookplayer_2021-06-06 which will contain all of the smali code (the 'assembly' language for DEX files - someone correct me with a better explanation please), the manifest.xml file of the APK, and all of the resources needed to compile our app back into a working APK file.
  • Web developer getting started with hacking android
    3 projects | /r/Hacking_Tutorials | 29 Jan 2021
    If interested in reversing, you’ll need tools such as (https://ibotpeaches.github.io/Apktool/ ) and dex2jar (https://github.com/pxb1988/dex2jar) and jd-GUI (http://java-decompiler.github.io/) and I also highly recommend using smali (https://github.com/JesusFreke/smali) rather than trying to analyze the machine code if jd-GUI fails to recompile something back to the pseudo-Java. There’s actually a very good LinkedIn learning video on how to use all these tools together called Learning Android Malware Analysis, just get the trial or w/e and do the course then cancel.

What are some alternatives?

When comparing owasp-mstg and smali you can also consider the following projects:

buildAPKs - Really quickly build APKs on handheld device (smartphone or tablet) in Amazon, Android, Chromebook and Windows📲 See https://buildapks.github.io/docsBuildAPKs/setup to start building APKs.

OkHttp - Square’s meticulous HTTP client for the JVM, Android, and GraalVM.

android-udev-rules - Android udev rules list aimed to be the most comprehensive on the net

owasp-mastg - The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

website - The elementary.io website

Picasso - A powerful image downloading and caching library for Android

reFlutter - Flutter Reverse Engineering Framework

Dexter - Android library that simplifies the process of requesting permissions at runtime.

owasp-masvs - The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

PinView - A PIN view library for Android. Use to enter PIN/OTP/password etc.

theos-jailed - A Theos module to develop jailed tweaks for iOS 8 and up

zxing-android-embedded - Barcode scanner library for Android, based on the ZXing decoder

owasp-mstg vs buildAPKs smali vs OkHttp owasp-mstg vs android-udev-rules smali vs owasp-mastg owasp-mstg vs website smali vs Picasso owasp-mstg vs reFlutter smali vs Dexter owasp-mstg vs owasp-masvs smali vs PinView owasp-mstg vs theos-jailed smali vs zxing-android-embedded