Update MSTG with changes in Android 8 (Oreo)

Track: Owasp Projects
When: Tue PM-1, PM-2
Where: Owasp Projects
Organizers Sven Schleier Sven Schleier
Participants Carlos Holguera Carlos Holguera , Arne Zismer Arne Zismer , Abhinav Sejpal Abhinav Sejpal , Aurelijus Stanislovaitis Aurelijus Stanislovaitis , Clara Anel Mansilla Clara Anel Mansilla , Stephanie Vanroelen Stephanie Vanroelen , Sven Schleier Sven Schleier , Xenofon Vassilakopoulos Xenofon Vassilakopoulos
Remote Participants Ashraf Iftekhar Ashraf Iftekhar , Rohit Sangaraj Rohit Sangaraj , Sandeep Akula Sandeep Akula

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS).


With every (major) release of Android security controls are added/changed or may become obsolete. This session is to identify these changes in Android 8 and to update the MSTG along the way.


An updated Android chapter in the MSTG that covers the latest changes of security controls in Android 8. The MSTG is hosted in Github and can easily be edited by anyone, just a Github account is needed and knowledge on how to create a pull request.


The target audience for this Working Session is:

  • Android Developers
  • Penetration Testers

Everyone else who is interested in mobile security and some technical know-how :-)


Android Security Android Oreo

Register as participant

To register as participant add Update MSTG with changes in Android 8 (Oreo) to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page

Back to list of all Working Sessions