MASTestApp is an iOS application written in Swift. Contributors can easily create and test new MASTG demos, ensuring that the static and dynamic analysis processes are properly documented and reproducible.
The app is intentionally simple, offering three essential files:
ContentView.swift- Contains the default UI, which should not be modified.Info.plist- Contains placeholders for additional things that may be needed.MastgTest.swift- Contains one function. This file is intended to be modified by users to create new MASTG demos but should not be modified in the original repository.
Contributors must copy the final modified MastgTest.swift file to their demo folder in the OWASP MASTG repository under the corresponding demos/ios/MASVS-XXXXX/MASTG-DEMO-XXXX/ folder.
Create a new folder in the MASTG repository under the corresponding demos/MASTG-DEMO-XXXX following the guidelines
Clone the app repository and open it in Android Studio.
git clone https://github.com/cpholguera/MASTestApp-iOS.git- Edit
MastgTest.swiftto implement your demo. - If applicable, modify the
Info.plistto add necessary permissions or components. - Build the app and test it on the iOS simulator or a physical device.
Run the provided script:
./tools/extract-code-for-mastg-demo.shThe output will be:
output/
├── MASTestApp
├── Info.plist
└── MASTestApp.ipaRun your reverse-engineering scripts on the compiled app (IPA) and ensure everything works as expected.
Use the iOS simulator or a physical device and run your dynamic scripts.
Once everything works fine, copy the relevant files from the output folder to the demo folder in the MASTG repository. It should look like this:
owasp-mastg/demos/MASTG-DEMO-XXXX/
├── MastgTest.swift
├── Info.plist
├── MASTG-DEMO-XXXX.md
├── MASTestApp
├── output.txt
└── run.shFinalize your demo by adding a MASTG-DEMO-XXXX.md file, tweaking the run.sh script, and adding the relevant output files.