Don’t get stung by OWASP
An intro into writing code for greater Android Security
This is the companion app to my "Don’t get stung by OWASP" talk, in which I discuss the Top 5 rated security risks to Mobile as determined by the OWASP Foundation
™️
My Secure App -
This very basic app has two activities
LoginActivity
andMainActivity
-
The user enters the PIN and is taken to the
MainActivity
-
PIN is initially 1234 and in later branches 123456
-
Later branches call the Rick & Morty API for a custom greeting
How to use this repo
Each of the Top 5 vulnerbilities are demonstrated (in some form) within this very basic application.
For each vulnerbility, a branch with examples of the vulnerbilities is available. Additionally, each of these branches has an associated 'fix' branch that shows how to address the vulnerbilitiy.
Please use the git history of this repo to help guide you
Further Reading
Please checkout these excellent resources:
Disclaimer
This repo is NOT associated with and/or endorsed by the OWASP Foundation or my employer!