The OWASP Mobile Security Project is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications. Through the project, our goal is to classify mobile security risks and provide developmental controls to reduce their impact or likelihood of exploitation. The project is a breading ground for many different mobile security projects within OWASP. Right now, you can find the following active OWASP mobile security projects:
Project / deliverable
A python tool to help in forensics analysis on android.
An iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment.
A learning tool for iOS developers (iPhone, iPad, etc.). It was inspired by the WebGoat project, and has a similar conceptual flow to it.
A standard for mobile app security which outlines the security requirements of a mobile application.
A checklist which allows easy mapping and scoring of the requirements from the Mobile Application Security Verification Standard based on the Mobile Security Testing Guide.
A comprehensive manual for mobile app security testing and reverse engineering for iOS and Android mobile security testers as well as developers.
Milan Singh Thakur
The OWASP Mobile Security top 10 is created to raise awareness for the current mobile security issues. Note that this project has not been migrated yet: See this archive site
and this archive site
for the older resources.
A hacking playground with various vulnerable mobile apps for Android and iOS.
A privacy and security protection app for Android devices.
Not what you are looking for? Please have a look at the Old Mobile Security page and the Mobile Security Archive.
Want to start a new mobile security project? Follow https://www.owasp.org/index.php/Category:OWASP_Project#Starting_a_New_Project or contact one of the leaders of the active projects.
The OWASP Mobile Security project has a long history. It has been a source for many projects their predecessors as is clearly visible in the archive.
Milan Singh Thakur
David Martin Aaron
Luca De Fulgentis