Add MASTG-TECH-0142 for inspecting Android WebView storage#3605
Open
SuyashJain17 wants to merge 1 commit intoOWASP:masterfrom
Open
Add MASTG-TECH-0142 for inspecting Android WebView storage#3605SuyashJain17 wants to merge 1 commit intoOWASP:masterfrom
SuyashJain17 wants to merge 1 commit intoOWASP:masterfrom
Conversation
cpholguera
requested changes
Jan 26, 2026
Collaborator
cpholguera
left a comment
cpholguera
left a comment
There was a problem hiding this comment.
Please also update the declarations in the PR description: #3605
Collaborator
There was a problem hiding this comment.
- Please resolve the conflicts, the goal was to update the existing TECH, not to create a new one.
- The mentioned test does exist and should be accordingly updated: https://mas.owasp.org/MASTG/tests/android/MASVS-PLATFORM/MASTG-TEST-0320/
- Please do not break lines as you're doing. Each paragraph should be a line.
- No need to justify why the technique is needed or what the best practices are.
- Use @MASTG-TOOL-XXXX IDs everywhere.
- If another MASTG-TECH covers part of the steps here you should use it instead (e.g. for "Obtain a shell").
- Refer to MASTG-KNOW-0018 for "what to expect within this folder".
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR closes #3602
Description
Adds MASTG-TECH-0142 to document direct inspection of Android WebView
storage under /data/data/<app_package>/app_webview/ using adb,
@MASTG-TOOL-0006, and Android Studio.
Note: The issue references MASTG-TEST-0320 as an example. This test does not
currently exist, and existing MASVS-PLATFORM tests were reviewed without
finding a suitable location for a reference. This change therefore
focuses on adding the missing technique.
AI Tool Disclosure
Check exactly one option.
If AI tools were used to generate or substantially modify code or text, complete the following.
For first-time contributors using AI tools.
Undisclosed use of AI tools will result in the PR being closed. Large rewrites or bulk changes generated by AI require explicit prior approval from the maintainers. Learn more in "Use of AI tools in contributions".
Contributor Checklist
Relevant documentation.
Contributors are expected to understand basic git and GitHub workflows, including forks, branches, commits, and pull requests. The project does not provide training. Pull requests that do not meet these minimum requirements may be closed without review.