├── .gitignore ├── CONTRIBUTING.md ├── LANGS.md ├── LICENSE.md ├── PUBLISHING.md ├── README.md ├── book.json ├── cover.jpg ├── cover_small.jpg ├── en ├── README.md ├── SUMMARY.md ├── android │ ├── README.md │ ├── android-apk-signing.md │ ├── avoid-gui-objects-caching.md │ ├── avoid-intent-sniffing.md │ ├── avoid-storing-cached-camera-images.md │ ├── check-activities.md │ ├── implement-content-providers-carefully.md │ ├── implement-file-permissions-carefully.md │ ├── implement-intents-carefully.md │ ├── implement-pendingintents-carefully.md │ ├── protect-application-services.md │ ├── request-permissions-carefully.md │ ├── set-usescleartexttraffic-to-false.md │ ├── use-broadcasts-carefully.md │ └── webview-best-practices.md ├── assets │ ├── logo.svg │ └── mobile-attack-surface.png ├── caching-logging │ ├── README.md │ ├── avoid-caching-app-data.md │ ├── avoid-crash-logs.md │ ├── be-aware-of-copy-paste.md │ ├── be-aware-of-the-keyboard-cache.md │ ├── carefully-manage-debug-logs.md │ └── limit-caching-of-username.md ├── coding-practices │ ├── README.md │ ├── anti-tamper-techniques.md │ ├── avoid-query-string-for-sensitive-data.md │ ├── avoid-simple-logic.md │ ├── code-complexity-and-obfuscation.md │ ├── deserializing-untrusted-data.md │ ├── securely-store-sensitive-data-in-ram.md │ ├── test-third-party-libraries.md │ └── understand-secure-deletion-of-data.md ├── ios │ ├── README.md │ ├── avoid-cached-application-snapshots.md │ ├── avoid-caching-https-requests-responses.md │ ├── declare-protected-data.md │ ├── implement-app-transport-security.md │ ├── implement-protections-against-buffer-overflow-attacks.md │ ├── implement-touch-id-properly.md │ └── use-the-keychain-carefully.md ├── primer │ └── mobile-security.md ├── sensitive-data │ ├── README.md │ ├── avoid-storing-app-data-in-backups.md │ ├── fully-validate-ssl-tls.md │ ├── hide-account-numbers-and-use-tokens.md │ ├── implement-enhanced-two-factor-authentication.md │ ├── implement-secure-data-storage.md │ ├── implement-secure-network-transmission-of-sensitive-data.md │ ├── institute-local-session-timeout.md │ ├── limit-use-of-uuid.md │ ├── protect-against-sslstrip.md │ ├── protect-application-settings.md │ ├── treat-geolocation-data-carefully.md │ ├── use-secure-setting-for-cookies.md │ └── validate-input-from-client.md ├── servers │ ├── README.md │ ├── protect-and-pen-test-web-services.md │ ├── protect-internal-resources.md │ ├── server-side-ssl-configuration.md │ ├── web-server-configuration.md │ └── web-servers-proper-session-management.md ├── styles │ ├── pdf.css │ └── website.css └── webviews │ ├── README.md │ ├── prevent-framing-and-clickjacking.md │ └── protect-against-csrf-with-form-tokens.md ├── s3_website.yml └── zh ├── README.md ├── SUMMARY.md ├── android ├── README.md ├── android-apk-signing.md ├── avoid-gui-objects-caching.md ├── avoid-intent-sniffing.md ├── avoid-storing-cached-camera-images.md ├── check-activities.md ├── implement-content-providers-carefully.md ├── implement-file-permissions-carefully.md ├── implement-intents-carefully.md ├── implement-pendingintents-carefully.md ├── protect-application-services.md ├── use-broadcasts-carefully.md └── webview-best-practices.md ├── assets ├── logo.svg └── mobile-attack-surface.png ├── caching-logging ├── README.md ├── avoid-caching-app-data.md ├── avoid-crash-logs.md ├── be-aware-of-copy-paste.md ├── be-aware-of-the-keyboard-cache.md ├── carefully-manage-debug-logs.md └── limit-caching-of-username.md ├── coding-practices ├── README.md ├── anti-tamper-techniques.md ├── avoid-query-string-for-sensitive-data.md ├── avoid-simple-logic.md ├── code-complexity-and-obfuscation.md ├── securely-store-sensitive-data-in-ram.md ├── test-third-party-libraries.md └── understand-secure-deletion-of-data.md ├── ios ├── README.md ├── avoid-cached-application-snapshots.md ├── avoid-caching-https-requests-responses.md ├── implement-app-transport-security.md ├── implement-protections-against-buffer-overflow-attacks.md ├── implement-touch-id-properly.md └── use-the-keychain-carefully.md ├── primer └── mobile-security.md ├── sensitive-data ├── README.md ├── avoid-storing-app-data-in-backups.md ├── fully-validate-ssl-tls.md ├── hide-account-numbers-and-use-tokens.md ├── implement-enhanced-two-factor-authentication.md ├── implement-secure-data-storage.md ├── implement-secure-network-transmission-of-sensitive-data.md ├── institute-local-session-timeout.md ├── limit-use-of-uuid.md ├── protect-against-sslstrip.md ├── protect-application-settings.md ├── treat-geolocation-data-carefully.md ├── use-secure-setting-for-cookies.md └── validate-input-from-client.md ├── servers ├── README.md ├── protect-and-pen-test-web-services.md ├── protect-internal-resources.md ├── server-side-ssl-configuration.md ├── web-server-configuration.md └── web-servers-proper-session-management.md ├── styles ├── pdf.css └── website.css └── webviews ├── README.md ├── prevent-framing-and-clickjacking.md └── protect-against-csrf-with-form-tokens.md /.gitignore: -------------------------------------------------------------------------------- 1 | .envrc 2 | _book 3 | node_modules 4 | *.pdf 5 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LANGS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/LANGS.md -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/LICENSE.md -------------------------------------------------------------------------------- /PUBLISHING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/PUBLISHING.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/README.md -------------------------------------------------------------------------------- /book.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/book.json -------------------------------------------------------------------------------- /cover.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/cover.jpg -------------------------------------------------------------------------------- /cover_small.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/cover_small.jpg -------------------------------------------------------------------------------- /en/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/README.md -------------------------------------------------------------------------------- /en/SUMMARY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/SUMMARY.md -------------------------------------------------------------------------------- /en/android/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/README.md -------------------------------------------------------------------------------- /en/android/android-apk-signing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/android-apk-signing.md -------------------------------------------------------------------------------- /en/android/avoid-gui-objects-caching.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/avoid-gui-objects-caching.md -------------------------------------------------------------------------------- /en/android/avoid-intent-sniffing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/avoid-intent-sniffing.md -------------------------------------------------------------------------------- /en/android/avoid-storing-cached-camera-images.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/avoid-storing-cached-camera-images.md -------------------------------------------------------------------------------- /en/android/check-activities.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/check-activities.md -------------------------------------------------------------------------------- /en/android/implement-content-providers-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/implement-content-providers-carefully.md -------------------------------------------------------------------------------- /en/android/implement-file-permissions-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/implement-file-permissions-carefully.md -------------------------------------------------------------------------------- /en/android/implement-intents-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/implement-intents-carefully.md -------------------------------------------------------------------------------- /en/android/implement-pendingintents-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/implement-pendingintents-carefully.md -------------------------------------------------------------------------------- /en/android/protect-application-services.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/protect-application-services.md -------------------------------------------------------------------------------- /en/android/request-permissions-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/request-permissions-carefully.md -------------------------------------------------------------------------------- /en/android/set-usescleartexttraffic-to-false.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/set-usescleartexttraffic-to-false.md -------------------------------------------------------------------------------- /en/android/use-broadcasts-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/use-broadcasts-carefully.md -------------------------------------------------------------------------------- /en/android/webview-best-practices.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/android/webview-best-practices.md -------------------------------------------------------------------------------- /en/assets/logo.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/assets/logo.svg -------------------------------------------------------------------------------- /en/assets/mobile-attack-surface.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/assets/mobile-attack-surface.png -------------------------------------------------------------------------------- /en/caching-logging/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/caching-logging/README.md -------------------------------------------------------------------------------- /en/caching-logging/avoid-caching-app-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/caching-logging/avoid-caching-app-data.md -------------------------------------------------------------------------------- /en/caching-logging/avoid-crash-logs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/caching-logging/avoid-crash-logs.md -------------------------------------------------------------------------------- /en/caching-logging/be-aware-of-copy-paste.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/caching-logging/be-aware-of-copy-paste.md -------------------------------------------------------------------------------- /en/caching-logging/be-aware-of-the-keyboard-cache.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/caching-logging/be-aware-of-the-keyboard-cache.md -------------------------------------------------------------------------------- /en/caching-logging/carefully-manage-debug-logs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/caching-logging/carefully-manage-debug-logs.md -------------------------------------------------------------------------------- /en/caching-logging/limit-caching-of-username.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/caching-logging/limit-caching-of-username.md -------------------------------------------------------------------------------- /en/coding-practices/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/README.md -------------------------------------------------------------------------------- /en/coding-practices/anti-tamper-techniques.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/anti-tamper-techniques.md -------------------------------------------------------------------------------- /en/coding-practices/avoid-query-string-for-sensitive-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/avoid-query-string-for-sensitive-data.md -------------------------------------------------------------------------------- /en/coding-practices/avoid-simple-logic.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/avoid-simple-logic.md -------------------------------------------------------------------------------- /en/coding-practices/code-complexity-and-obfuscation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/code-complexity-and-obfuscation.md -------------------------------------------------------------------------------- /en/coding-practices/deserializing-untrusted-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/deserializing-untrusted-data.md -------------------------------------------------------------------------------- /en/coding-practices/securely-store-sensitive-data-in-ram.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/securely-store-sensitive-data-in-ram.md -------------------------------------------------------------------------------- /en/coding-practices/test-third-party-libraries.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/test-third-party-libraries.md -------------------------------------------------------------------------------- /en/coding-practices/understand-secure-deletion-of-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/coding-practices/understand-secure-deletion-of-data.md -------------------------------------------------------------------------------- /en/ios/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/README.md -------------------------------------------------------------------------------- /en/ios/avoid-cached-application-snapshots.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/avoid-cached-application-snapshots.md -------------------------------------------------------------------------------- /en/ios/avoid-caching-https-requests-responses.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/avoid-caching-https-requests-responses.md -------------------------------------------------------------------------------- /en/ios/declare-protected-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/declare-protected-data.md -------------------------------------------------------------------------------- /en/ios/implement-app-transport-security.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/implement-app-transport-security.md -------------------------------------------------------------------------------- /en/ios/implement-protections-against-buffer-overflow-attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/implement-protections-against-buffer-overflow-attacks.md -------------------------------------------------------------------------------- /en/ios/implement-touch-id-properly.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/implement-touch-id-properly.md -------------------------------------------------------------------------------- /en/ios/use-the-keychain-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/ios/use-the-keychain-carefully.md -------------------------------------------------------------------------------- /en/primer/mobile-security.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/primer/mobile-security.md -------------------------------------------------------------------------------- /en/sensitive-data/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/README.md -------------------------------------------------------------------------------- /en/sensitive-data/avoid-storing-app-data-in-backups.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/avoid-storing-app-data-in-backups.md -------------------------------------------------------------------------------- /en/sensitive-data/fully-validate-ssl-tls.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/fully-validate-ssl-tls.md -------------------------------------------------------------------------------- /en/sensitive-data/hide-account-numbers-and-use-tokens.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/hide-account-numbers-and-use-tokens.md -------------------------------------------------------------------------------- /en/sensitive-data/implement-enhanced-two-factor-authentication.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/implement-enhanced-two-factor-authentication.md -------------------------------------------------------------------------------- /en/sensitive-data/implement-secure-data-storage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/implement-secure-data-storage.md -------------------------------------------------------------------------------- /en/sensitive-data/implement-secure-network-transmission-of-sensitive-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/implement-secure-network-transmission-of-sensitive-data.md -------------------------------------------------------------------------------- /en/sensitive-data/institute-local-session-timeout.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/institute-local-session-timeout.md -------------------------------------------------------------------------------- /en/sensitive-data/limit-use-of-uuid.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/limit-use-of-uuid.md -------------------------------------------------------------------------------- /en/sensitive-data/protect-against-sslstrip.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/protect-against-sslstrip.md -------------------------------------------------------------------------------- /en/sensitive-data/protect-application-settings.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/protect-application-settings.md -------------------------------------------------------------------------------- /en/sensitive-data/treat-geolocation-data-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/treat-geolocation-data-carefully.md -------------------------------------------------------------------------------- /en/sensitive-data/use-secure-setting-for-cookies.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/use-secure-setting-for-cookies.md -------------------------------------------------------------------------------- /en/sensitive-data/validate-input-from-client.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/sensitive-data/validate-input-from-client.md -------------------------------------------------------------------------------- /en/servers/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/servers/README.md -------------------------------------------------------------------------------- /en/servers/protect-and-pen-test-web-services.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/servers/protect-and-pen-test-web-services.md -------------------------------------------------------------------------------- /en/servers/protect-internal-resources.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/servers/protect-internal-resources.md -------------------------------------------------------------------------------- /en/servers/server-side-ssl-configuration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/servers/server-side-ssl-configuration.md -------------------------------------------------------------------------------- /en/servers/web-server-configuration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/servers/web-server-configuration.md -------------------------------------------------------------------------------- /en/servers/web-servers-proper-session-management.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/servers/web-servers-proper-session-management.md -------------------------------------------------------------------------------- /en/styles/pdf.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/styles/pdf.css -------------------------------------------------------------------------------- /en/styles/website.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/styles/website.css -------------------------------------------------------------------------------- /en/webviews/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/webviews/README.md -------------------------------------------------------------------------------- /en/webviews/prevent-framing-and-clickjacking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/webviews/prevent-framing-and-clickjacking.md -------------------------------------------------------------------------------- /en/webviews/protect-against-csrf-with-form-tokens.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/en/webviews/protect-against-csrf-with-form-tokens.md -------------------------------------------------------------------------------- /s3_website.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/s3_website.yml -------------------------------------------------------------------------------- /zh/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/README.md -------------------------------------------------------------------------------- /zh/SUMMARY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/SUMMARY.md -------------------------------------------------------------------------------- /zh/android/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/README.md -------------------------------------------------------------------------------- /zh/android/android-apk-signing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/android-apk-signing.md -------------------------------------------------------------------------------- /zh/android/avoid-gui-objects-caching.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/avoid-gui-objects-caching.md -------------------------------------------------------------------------------- /zh/android/avoid-intent-sniffing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/avoid-intent-sniffing.md -------------------------------------------------------------------------------- /zh/android/avoid-storing-cached-camera-images.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/avoid-storing-cached-camera-images.md -------------------------------------------------------------------------------- /zh/android/check-activities.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/check-activities.md -------------------------------------------------------------------------------- /zh/android/implement-content-providers-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/implement-content-providers-carefully.md -------------------------------------------------------------------------------- /zh/android/implement-file-permissions-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/implement-file-permissions-carefully.md -------------------------------------------------------------------------------- /zh/android/implement-intents-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/implement-intents-carefully.md -------------------------------------------------------------------------------- /zh/android/implement-pendingintents-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/implement-pendingintents-carefully.md -------------------------------------------------------------------------------- /zh/android/protect-application-services.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/protect-application-services.md -------------------------------------------------------------------------------- /zh/android/use-broadcasts-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/use-broadcasts-carefully.md -------------------------------------------------------------------------------- /zh/android/webview-best-practices.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/android/webview-best-practices.md -------------------------------------------------------------------------------- /zh/assets/logo.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/assets/logo.svg -------------------------------------------------------------------------------- /zh/assets/mobile-attack-surface.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/assets/mobile-attack-surface.png -------------------------------------------------------------------------------- /zh/caching-logging/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/caching-logging/README.md -------------------------------------------------------------------------------- /zh/caching-logging/avoid-caching-app-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/caching-logging/avoid-caching-app-data.md -------------------------------------------------------------------------------- /zh/caching-logging/avoid-crash-logs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/caching-logging/avoid-crash-logs.md -------------------------------------------------------------------------------- /zh/caching-logging/be-aware-of-copy-paste.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/caching-logging/be-aware-of-copy-paste.md -------------------------------------------------------------------------------- /zh/caching-logging/be-aware-of-the-keyboard-cache.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/caching-logging/be-aware-of-the-keyboard-cache.md -------------------------------------------------------------------------------- /zh/caching-logging/carefully-manage-debug-logs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/caching-logging/carefully-manage-debug-logs.md -------------------------------------------------------------------------------- /zh/caching-logging/limit-caching-of-username.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/caching-logging/limit-caching-of-username.md -------------------------------------------------------------------------------- /zh/coding-practices/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/README.md -------------------------------------------------------------------------------- /zh/coding-practices/anti-tamper-techniques.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/anti-tamper-techniques.md -------------------------------------------------------------------------------- /zh/coding-practices/avoid-query-string-for-sensitive-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/avoid-query-string-for-sensitive-data.md -------------------------------------------------------------------------------- /zh/coding-practices/avoid-simple-logic.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/avoid-simple-logic.md -------------------------------------------------------------------------------- /zh/coding-practices/code-complexity-and-obfuscation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/code-complexity-and-obfuscation.md -------------------------------------------------------------------------------- /zh/coding-practices/securely-store-sensitive-data-in-ram.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/securely-store-sensitive-data-in-ram.md -------------------------------------------------------------------------------- /zh/coding-practices/test-third-party-libraries.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/test-third-party-libraries.md -------------------------------------------------------------------------------- /zh/coding-practices/understand-secure-deletion-of-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/coding-practices/understand-secure-deletion-of-data.md -------------------------------------------------------------------------------- /zh/ios/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/ios/README.md -------------------------------------------------------------------------------- /zh/ios/avoid-cached-application-snapshots.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/ios/avoid-cached-application-snapshots.md -------------------------------------------------------------------------------- /zh/ios/avoid-caching-https-requests-responses.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/ios/avoid-caching-https-requests-responses.md -------------------------------------------------------------------------------- /zh/ios/implement-app-transport-security.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/ios/implement-app-transport-security.md -------------------------------------------------------------------------------- /zh/ios/implement-protections-against-buffer-overflow-attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/ios/implement-protections-against-buffer-overflow-attacks.md -------------------------------------------------------------------------------- /zh/ios/implement-touch-id-properly.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/ios/implement-touch-id-properly.md -------------------------------------------------------------------------------- /zh/ios/use-the-keychain-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/ios/use-the-keychain-carefully.md -------------------------------------------------------------------------------- /zh/primer/mobile-security.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/primer/mobile-security.md -------------------------------------------------------------------------------- /zh/sensitive-data/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/README.md -------------------------------------------------------------------------------- /zh/sensitive-data/avoid-storing-app-data-in-backups.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/avoid-storing-app-data-in-backups.md -------------------------------------------------------------------------------- /zh/sensitive-data/fully-validate-ssl-tls.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/fully-validate-ssl-tls.md -------------------------------------------------------------------------------- /zh/sensitive-data/hide-account-numbers-and-use-tokens.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/hide-account-numbers-and-use-tokens.md -------------------------------------------------------------------------------- /zh/sensitive-data/implement-enhanced-two-factor-authentication.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/implement-enhanced-two-factor-authentication.md -------------------------------------------------------------------------------- /zh/sensitive-data/implement-secure-data-storage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/implement-secure-data-storage.md -------------------------------------------------------------------------------- /zh/sensitive-data/implement-secure-network-transmission-of-sensitive-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/implement-secure-network-transmission-of-sensitive-data.md -------------------------------------------------------------------------------- /zh/sensitive-data/institute-local-session-timeout.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/institute-local-session-timeout.md -------------------------------------------------------------------------------- /zh/sensitive-data/limit-use-of-uuid.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/limit-use-of-uuid.md -------------------------------------------------------------------------------- /zh/sensitive-data/protect-against-sslstrip.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/protect-against-sslstrip.md -------------------------------------------------------------------------------- /zh/sensitive-data/protect-application-settings.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/protect-application-settings.md -------------------------------------------------------------------------------- /zh/sensitive-data/treat-geolocation-data-carefully.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/treat-geolocation-data-carefully.md -------------------------------------------------------------------------------- /zh/sensitive-data/use-secure-setting-for-cookies.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/use-secure-setting-for-cookies.md -------------------------------------------------------------------------------- /zh/sensitive-data/validate-input-from-client.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/sensitive-data/validate-input-from-client.md -------------------------------------------------------------------------------- /zh/servers/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/servers/README.md -------------------------------------------------------------------------------- /zh/servers/protect-and-pen-test-web-services.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/servers/protect-and-pen-test-web-services.md -------------------------------------------------------------------------------- /zh/servers/protect-internal-resources.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/servers/protect-internal-resources.md -------------------------------------------------------------------------------- /zh/servers/server-side-ssl-configuration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/servers/server-side-ssl-configuration.md -------------------------------------------------------------------------------- /zh/servers/web-server-configuration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/servers/web-server-configuration.md -------------------------------------------------------------------------------- /zh/servers/web-servers-proper-session-management.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/servers/web-servers-proper-session-management.md -------------------------------------------------------------------------------- /zh/styles/pdf.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/styles/pdf.css -------------------------------------------------------------------------------- /zh/styles/website.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/styles/website.css -------------------------------------------------------------------------------- /zh/webviews/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/webviews/README.md -------------------------------------------------------------------------------- /zh/webviews/prevent-framing-and-clickjacking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/webviews/prevent-framing-and-clickjacking.md -------------------------------------------------------------------------------- /zh/webviews/protect-against-csrf-with-form-tokens.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nowsecure/secure-mobile-development/HEAD/zh/webviews/protect-against-csrf-with-form-tokens.md --------------------------------------------------------------------------------