Skip to content
/ mas-website Public

The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security professionals build, test, and secure mobile applications.

mas.owasp.org/

License

CC-BY-SA-4.0 license
1 star 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

OWASP/mas-website

BranchesTags

Repository files navigation

OWASP Mobile Application Security Project Website

This repository contains the source and configuration for the OWASP Mobile Application Security Project website (mas.owasp.org).

This website aggregates, organizes, and presents documentation from the main MAS resources using MkDocs and the mkdocs-material theme.

Each resource lives in its own GitHub repository:

Resource Description GitHub Repo
MASVS Cover MASVS (Mobile Application Security Verification Standard)
The industry standard for mobile app security requirements.		 OWASP/masvs
MASWE Cover MASWE (Mobile Application Security Weakness Enumeration)
A categorized list of common security and privacy weaknesses in mobile apps.		 OWASP/maswe
MASTG Cover MASTG (Mobile Application Security Testing Guide)
A comprehensive manual for mobile app security testing and reverse engineering.		 OWASP/mastg

Development

The two key components of the repo are:

  • The docs/ directory, which contains all the source files for the website.
  • The mkdocs.yml file, which configures the MkDocs site.

The site uses a range of MkDocs features and plugins in the mkdocs.yml file, including:

  • Material for MkDocs theme (theme) with custom icons, logo, and palette switching (light/dark mode). See Material for MkDocs documentation for details.
  • Navigation tabs, sticky tabs, instant navigation, and tracking (theme.features) for improved UX.
  • Search (plugins: search) with suggestions and sharing.
  • Tags (plugins: tags) and blog (plugins: blog) plugins for dynamic content organization and news posts.
  • Awesome Pages (plugins: awesome-pages) for flexible navigation structure.
  • Redirects plugin (plugins: redirects) with custom Python hooks (hooks) for legacy and dynamic page redirects.
  • Custom hooks (hooks) for dynamic content, banners, cross-references, demo buttons, and more.
  • Markdown extensions (markdown_extensions): meta, TOC with permalinks, admonition, tables, fenced code blocks, emoji, progress bars, tabbed content, snippets, and more.
  • Extra CSS/JS (extra_css, extra_javascript) for tables, navigation, filtering, and external links.
  • Google Analytics integration (extra.analytics).
  • Copyright and license info (copyright) displayed in the footer.

Local Development

To build and serve the website locally see this guide.

Deployment

GitHub Actions build and deploy the site on push to main (see .github/workflows/).
The workflow fetches the latest content from the upstream MASTG, MASVS, and MASWE repos before building.

Contributing

Website improvements, bug fixes, and documentation updates are welcome! See our contributing guidelines for details.

About

The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security professionals build, test, and secure mobile applications.

mas.owasp.org/

Resources

Readme

License

CC-BY-SA-4.0 license

Contributing

Contributing
Activity
Custom properties

Stars

1 star

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Contributors 18
+ 4 contributors

Languages