MASVS-RESILIENCE
Checklists Updated (June 2025)
The checklists now includeall MASTG tests, as well as updated mappings to the newMAS profiles.
| MASVS-ID | MASTG-TEST-ID | Control / MASTG Test | Platform | L1 | L2 | R | P | Status |
|---|---|---|---|---|---|---|---|---|
| MASVS-RESILIENCE-1 | The app validates the integrity of the platform. | |||||||
| MASTG-TEST-0045 | Testing Root Detection | platform:android | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0247 | References to APIs for Detecting Secure Screen Lock | platform:android | profile:L2 | newstatus:new | ||||
| MASTG-TEST-0249 | Runtime Use of Secure Screen Lock Detection APIs | platform:android | profile:L2 | newstatus:new | ||||
| MASTG-TEST-0049 | Testing Emulator Detection | platform:android | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0240 | Jailbreak Detection in Code | platform:ios | profile:R | newstatus:new | ||||
| MASTG-TEST-0088 | Testing Jailbreak Detection | platform:ios | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0246 | Runtime Use of Secure Screen Lock Detection APIs | platform:ios | profile:L2 | newstatus:new | ||||
| MASTG-TEST-0248 | References to APIs for Detecting Secure Screen Lock | platform:ios | profile:L2 | newstatus:new | ||||
| MASTG-TEST-0092 | Testing Emulator Detection | platform:ios | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0241 | Runtime Use of Jailbreak Detection Techniques | platform:ios | profile:R | newstatus:new | ||||
| MASVS-RESILIENCE-2 | The app implements anti-tampering mechanisms. | |||||||
| MASTG-TEST-0038 | Making Sure that the App is Properly Signed | platform:android | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0050 | Testing Runtime Integrity Checks | platform:android | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0047 | Testing File Integrity Checks | platform:android | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0224 | Usage of Insecure Signature Version | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0225 | Usage of Insecure Signature Key Size | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0081 | Making Sure that the App Is Properly Signed | platform:ios | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0090 | Testing File Integrity Checks | platform:ios | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0220 | Usage of Outdated Code Signature Format | platform:ios | profile:R | newstatus:new | ||||
| MASVS-RESILIENCE-3 | The app implements anti-static analysis mechanisms. | |||||||
| MASTG-TEST-0041 | Testing for Debugging Code and Verbose Error Logging | platform:android | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0288 | Debugging Symbols in Native Binaries | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0051 | Testing Obfuscation | platform:android | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0040 | Testing for Debugging Symbols | platform:android | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0263 | Logging of StrictMode Violations | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0264 | Runtime Use of StrictMode APIs | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0265 | References to StrictMode APIs | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0084 | Testing for Debugging Code and Verbose Error Logging | platform:ios | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0093 | Testing Obfuscation | platform:ios | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0083 | Testing for Debugging Symbols | platform:ios | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0219 | Testing for Debugging Symbols | platform:ios | profile:R | newstatus:new | ||||
| MASVS-RESILIENCE-4 | The app implements anti-dynamic analysis techniques. | |||||||
| MASTG-TEST-0226 | Debuggable Flag Enabled in the AndroidManifest | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0046 | Testing Anti-Debugging Detection | platform:android | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0048 | Testing Reverse Engineering Tools Detection | platform:android | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0227 | Debugging Enabled for WebViews | platform:android | profile:R | newstatus:new | ||||
| MASTG-TEST-0039 | Testing whether the App is Debuggable | platform:android | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0082 | Testing whether the App is Debuggable | platform:ios | profile:R | deprecatedstatus:deprecated | ||||
| MASTG-TEST-0261 | Debuggable Entitlement Enabled in the entitlements.plist | platform:ios | profile:R | newstatus:new | ||||
| MASTG-TEST-0089 | Testing Anti-Debugging Detection | platform:ios | profile:R | update-pendingstatus:update-pending | ||||
| MASTG-TEST-0091 | Testing Reverse Engineering Tools Detection | platform:ios | profile:R | update-pendingstatus:update-pending |