Merge branch 'master' into improve-structuring

.github/workflows/build-website.yml

@@ -7,7 +7,7 @@ on:
 jobs:
   deploy:
     runs-on: ubuntu-latest
-    if: github.actor == 'cpholguera' || github.actor == 'sushi2k'
+    if: github.actor == 'cpholguera' || github.actor == 'sushi2k' || github.actor == 'TheDauntless'
     steps:
       - uses: actions/checkout@v4
         with:

.github/workflows/docgenerator.yml

@@ -94,10 +94,10 @@ jobs:
         repository: "OWASP/owasp-masvs.git"
         ref: ${{env.MASVS_VERSION}}
         fetch-depth: 1
-        path: src/scripts/owasp-masvs
+        path: owasp-masvs
 
     - name: Get MASVS Current Commit ID
-      run: cd src/scripts/owasp-masvs && echo "MASVS_COMMIT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+      run: cd owasp-masvs && echo "MASVS_COMMIT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
     - name: Confirm MASTG Current Commit ID
       run: echo ${{env.MASVS_COMMIT}}
 

README.md

@@ -1,4 +1,4 @@
-<a href="https://github.com/OWASP/owasp-masvs/discussions/categories/big-masvs-refactoring"><img width="180px" align="right" style="float: right;" src="Document/Images/masvs_refactor.png"></a>
+<img width="180px" align="right" style="float: right;" src="cover.png">
 
 # OWASP Mobile Application Security Testing Guide (MASTG)
 

src/scripts/populate_dynamic_pages.py

@@ -9,11 +9,15 @@
 
 def get_platform_icon(platform):
     if platform == "android":
-        return '<span style="font-size: large; color: darkgrey;"> :material-android: </span><span style="display: none;">platform:android</span>'
+        return '<span style="font-size: x-large; color: #54b259;" title="Android"> :material-android: </span><span style="display: none;">platform:android</span>'
     elif platform == "ios":
-        return '<span style="font-size: large; color: darkgrey;"> :material-apple: </span><span style="display: none;">platform:ios</span>'
-    elif platform == "general":
-        return '<span style="font-size: large; color: darkgrey;"> :material-asterisk: </span>'
+        return '<span style="font-size: x-large; color: #007aff;" title="iOS"> :material-apple: </span><span style="display: none;">platform:ios</span>'
+    elif platform == "generic":
+        return '<span style="font-size: x-large; color: darkgrey;" title="Generic"> :material-asterisk: </span><span style="display: none;">platform:generic</span>'
+    elif platform == "network":
+        return '<span style="font-size: x-large; color: #9383e2;" title="Network"> :material-web: </span><span style="display: none;">platform:network</span>'
+    else:
+        return '<span style="font-size: x-large; color: darkgrey;" title="Unknown"> :material-progress-question: </span><span style="display: none;">platform:unknown</span>'
 
 def get_level_icon(level, value):
     if level == "L1" and value == True:
@@ -64,7 +68,12 @@ def get_mastg_components_dict(name):
 
                     frontmatter = next(yaml.load_all(content, Loader=yaml.FullLoader))
                     component_id = os.path.splitext(os.path.basename(file))[0]
-                    frontmatter['id'] = f"[{component_id}](/{os.path.splitext(os.path.relpath(file, f"docs/"))[0]}/)"
+                    component_path = os.path.splitext(os.path.relpath(file, "docs/"))[0]
+                    frontmatter['id'] = f"[{component_id}](/{component_path})"
+                    if frontmatter.get('platform') and type(frontmatter['platform']) == list:
+                        frontmatter['platform'] = "".join([get_platform_icon(platform) for platform in frontmatter['platform']])
+                    else:
+                        frontmatter['platform'] = get_platform_icon(frontmatter['platform'])
                     components.append(frontmatter)
         return components
 
@@ -139,28 +148,15 @@ def reorder_dict_keys(original_dict, key_order):
 
 # tests/index.md
 
-column_titles = {'id': 'ID', 'title': 'Name', 'masvs_v2_id': "MASVS v2 ID", 'masvs_v1_id': "MASVS v1 IDs", 'last_updated': 'Last Updated'} #'id': 'ID',  ... , 'refs': 'Refs', 'techniques': 'Techniques'
+column_titles = {'id': 'ID', 'title': 'Title', 'platform': "Platform", 'masvs_v2_id': "MASVS v2 ID", 'masvs_v1_id': "MASVS v1 IDs", 'last_updated': 'Last Updated'} #'id': 'ID',  ... , 'refs': 'Refs', 'techniques': 'Techniques'
 tests = get_mastg_components_dict("docs/MASTG/tests")
-test_types = ["android", "ios"]
-for test_type in test_types:
-    append_to_file(f"## {test_type.title()} tests\n\n<br>\n\n", "docs/MASTG/tests/index.md")
-    tests_of_type = [reorder_dict_keys(test, column_titles.keys()) for test in tests if test['platform'] == test_type]
-    for test in tests_of_type:
-        if test.get("masvs_v2_id"):
-            test['masvs_v2_id'] = test['masvs_v2_id'][0]
-        if test.get("masvs_v1_id"):
-            test['masvs_v1_id'] = "<br>".join([f"{v1_id}" for v1_id in test['masvs_v1_id']])
-
-
-    for group_id, checklist in CHECKLIST_DICT.items():
-        append_to_file(f"### {group_id}\n\n<br>\n\n", "docs/MASTG/tests/index.md")
-
-        tests_by_category = [test for test in tests_of_type if test['masvs_v2_id'].startswith(group_id)]
-
-        # sort the dicts within tests_by_category by MASVS ID
-        tests_by_category.sort(key=lambda x: x['masvs_v2_id'])
-
-        append_to_file(list_of_dicts_to_md_table(tests_by_category, column_titles) + "\n\n<br>\n\n", "docs/MASTG/tests/index.md")
+tests_of_type = [reorder_dict_keys(test, column_titles.keys()) for test in tests]
+for test in tests_of_type:
+    if test.get("masvs_v2_id"):
+        test['masvs_v2_id'] = test['masvs_v2_id'][0]
+    if test.get("masvs_v1_id"):
+        test['masvs_v1_id'] = "<br>".join([f"{v1_id}" for v1_id in test['masvs_v1_id']])
+append_to_file(list_of_dicts_to_md_table(tests_of_type, column_titles) + "\n\n<br>\n\n", "docs/MASTG/tests/index.md")
 
 # tests-beta/index.md
 
@@ -185,35 +181,24 @@ def reorder_dict_keys(original_dict, key_order):
 column_titles = {'id': 'ID', 'title': 'Name', 'platform': "Platform"} # TODO , 'refs': 'Refs', 'techniques': 'Techniques'
 
 tools = get_mastg_components_dict("docs/MASTG/tools")
-tool_types = ["generic", "android", "ios", "network"]
-for tool_type in tool_types:
-    append_to_file(f"## {tool_type.title()} Tools\n\n<br>\n\n", "docs/MASTG/tools/index.md")
-    tools_of_type = [reorder_dict_keys(tool, column_titles.keys()) for tool in tools if tool['platform'] == tool_type]
-    append_to_file(list_of_dicts_to_md_table(tools_of_type, column_titles) + "\n\n<br>\n\n", "docs/MASTG/tools/index.md")
+tools_of_type = [reorder_dict_keys(tool, column_titles.keys()) for tool in tools]
+append_to_file("\n" + list_of_dicts_to_md_table(tools_of_type, column_titles) + "\n\n<br>\n\n", "docs/MASTG/tools/index.md")
 
 # techniques/index.md
 
 column_titles = {'id': 'ID', 'title': 'Name', 'platform': "Platform"} # TODO , 'tools': 'Tools'
 
 techniques = get_mastg_components_dict("docs/MASTG/techniques")
-technique_types = ["generic", "android", "ios"]
-
-for technique_type in technique_types:
-    append_to_file(f"## {technique_type.title()} Techniques\n\n<br>\n\n", "docs/MASTG/techniques/index.md")
-    techniques_of_type = [reorder_dict_keys(technique, column_titles.keys()) for technique in techniques if technique['platform'] == technique_type]
-    append_to_file(list_of_dicts_to_md_table(techniques_of_type, column_titles) + "\n\n<br>\n\n", "docs/MASTG/techniques/index.md")
+techniques_of_type = [reorder_dict_keys(technique, column_titles.keys()) for technique in techniques]
+append_to_file(list_of_dicts_to_md_table(techniques_of_type, column_titles) + "\n\n<br>\n\n", "docs/MASTG/techniques/index.md")
 
 # apps/index.md
 
 column_titles = {'id': 'ID', 'title': 'Name', 'platform': "Platform"} # TODO , 'techniques': 'Used in'
 
 apps = get_mastg_components_dict("docs/MASTG/apps")
-app_types = ["android", "ios"]
-
-for app_type in app_types:
-    append_to_file(f"## {app_type.title()} Apps\n\n<br>\n\n", "docs/MASTG/apps/index.md")
-    apps_of_type = [reorder_dict_keys(app, column_titles.keys()) for app in apps if app['platform'] == app_type]
-    append_to_file(list_of_dicts_to_md_table(apps_of_type, column_titles) + "\n\n<br>\n\n", "docs/MASTG/apps/index.md")
+apps_of_type = [reorder_dict_keys(app, column_titles.keys()) for app in apps]
+append_to_file(list_of_dicts_to_md_table(apps_of_type, column_titles) + "\n\n<br>\n\n", "docs/MASTG/apps/index.md")
 
 # weaknesses/index.md
 

src/scripts/structure_masvs.sh

@@ -1,12 +1,14 @@
-#!/bin/bash
-
-if [ ! -d "../owasp-masvs/" ] ; then
-  echo "Error: Clone owasp-masvs to same directory as owasp-mastg: cd .. && git clone https://github.com/OWASP/owasp-masvs.git"
-  exit 1
+if [ -d "../owasp-masvs/" ] ; then
+    MASVS_DIR=../owasp-masvs
+elif [ -d "./owasp-masvs/" ] ; then
+    MASVS_DIR=./owasp-masvs
+else
+    echo "Error: Please clone owasp-masvs to same directory as owasp-mastg: cd .. && git clone https://github.com/OWASP/owasp-masvs.git"
+    exit 1
 fi
 
-cp -r ../owasp-masvs/Document/*-*.md docs/MASVS/
-cp -r ../owasp-masvs/controls/ docs/MASVS/controls/
+cp -r $MASVS_DIR/Document/*-*.md docs/MASVS/
+cp -r $MASVS_DIR/controls/ docs/MASVS/controls/
 
 if [[ "$(uname)" == "Darwin" ]]; then
     SED="gsed"
@@ -15,6 +17,6 @@ else
 fi
 
 mkdir -p docs/assets/Images/MASVS
-cp ../owasp-masvs/Document/images/* docs/assets/Images/MASVS
+cp $MASVS_DIR/Document/images/* docs/assets/Images/MASVS
 $SED -i "s#images/#../../../assets/Images/MASVS/#g" docs/MASVS/**/*.md
 $SED -i "s#images/#../../assets/Images/MASVS/#g" docs/MASVS/*.md