This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP OMTG Hacking Playground

From OWASP
Jump to: navigation, search
OWASP Project Header.jpg

OWASP OMTG Hacking Playground Tool Project

The OMTG hacking playground consists of a vulnerable Android App that maps to the different test cases in the OWASP Mobile Testing Guide. An iOS will be available soon.

Description

The OWASP Mobile Testing Guide (OMTG) will be similar to the OWASP Web Application Testing Guide, but will have specific test cases only applicable to mobile platforms. In order to give practical guidance to developers, security researches and penetration testers, a hacking playground was created that consists of different mobile App’s that contain different vulnerabilities that map to the OMTG test cases. Every test case described in the OMTG will therefore be implemented in an Android and iOS App. This has two advantages:

  • A developer can identify vulnerable code in the provided App’s and can see the implications and risks if such patterns are used and can look for the best practices in the OMTG to mitigate the vulnerabilities.
  • Penetration testers / security researchers can identify bad practices, dangerous methods and classes they should look first on when assessing a Mobile App and can gain more knowledge through the information provided in the OMTG.

Licensing

GNU GPL v3 License (allows commercial use, but requires that modi cations to your code stay open source, thus prohibiting proprietary forks of your project


A project must be licensed under a community friendly or open source license.  For more information on OWASP recommended licenses, please see OWASP Licenses. While OWASP does not promote any particular license over another, the vast majority of projects have chosen a Creative Commons license variant for documentation projects, or a GNU General Public License variant for tools and code projects. This example assumes that you want to use the AGPL 3.0 license.

This program is free software: you can redistribute it and/or modify it under the terms of the link GNU Affero General Public License 3.0 as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Project Resources

Source Code

Wiki

Issue Tracker


Project Leader

Sven Schleier

Related Projects

Classifications

Project Type Files TOOL.jpg
Incubator Project Owasp-builders-small.png
Owasp-defenders-small.png
Affero General Public License 3.0

News and Events

  • [July 2016] First Android Version available via GitHub.

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_OMTG_Hacking_Playground&oldid=224369"