Posted on Leave a comment

QA, testing in mobile development

OWASP Mobile Security Testing Guide [https://github.com/OWASP/owasp-mstg/blob/master/README.md]



Как наконец-то начать писать тесты и не пожалеть об этом [https://habr.com/company/custis/blog/427603/]

Deep Dive into writing Performance Tests with @JankTest
[https://proandroiddev.com/deep-dive-into-writing-performance-tests-with-janktest-46494e46b43]

Типичные ошибки при написании юнит-тестов. Лекция Яндекса
[https://habr.com/ru/company/yandex/blog/436850/]

Posted on Leave a comment

Android – keep secrets right

research of android security [https://tproger.ru/digest/android-security-resources/]

SSL pinning защита мобильного банкинга на android с помощью ssl сертификата [https://www.emaro-ssl.ru/blog/ssl-pinning-for-android/] [pdf]

Android AES crypto encryption [https://habrahabr.ru/company/rambler-co/blog/279835/] AES/CBC/PKCS5Padding [pdf]

Tampering detection Android [https://www.airpair.com/android/posts/adding-tampering-detection-to-your-android-app]

Authentication Android SSL client cert [https://habrahabr.ru/post/194530/] [pdf]

Tips for Developing Secure Android Applications [https://medium.com/@saranyaan2710/tips-for-developing-secure-android-applications-984a89ae3190]

Using a Custom Certificate Trust Store on Android [https://nelenkov.blogspot.com/2011/12/using-custom-certificate-trust-store-on.html]


Secure data in Android — Encryption

This article is a part of “Secure data in Android” series:

Encryption
Encryption in Android (Part 1)
Encryption in Android (Part 2)
Encrypting Large Data
Initialization Vector
Key Invalidation
Fingerprint
Confirm Credentials


pdf