fix lint errors
cpholguera committed Jul 28, 2024
1 parent 9a1033c commit ae7c0f9
Showing 8 changed files with 43 additions and 42 deletions.
Expand Up @@ -403,7 +403,7 @@ Looking at these _traces_ that Frida _leaves behind_, you might already imagine
| Method | Description | Discussion |
| --- | --- | --- |
| **Check The Environment For Related Artifacts** | Artifacts can be packaged files, binaries, libraries, processes, and temporary files. For Frida, this could be the frida-server running in the target (jailbroken) system (the daemon responsible for exposing Frida over TCP) or the frida libraries loaded by the app. | Inspecting running services is not possible for an iOS app on a non-jailbroken device. The Swift method [CommandLine](https://developer.apple.com/documentation/swift/commandline "CommandLine") is not available on iOS to query for information about running processes, but there are unofficial ways, such as by using [NSTask](https://stackoverflow.com/a/56619466 "How can I run Command Line commands or tasks with Swift in iOS?"). Nevertheless when using this method, the app will be rejected during the App Store review process. There is no other public API available to query for running processes or execute system commands within an iOS App. Even if it would be possible, bypassing this would be as easy as just renaming the corresponding Frida artifact (frida-server/frida-gadget/frida-agent). Another way to detect Frida, would be to walk through the list of loaded libraries and check for suspicious ones (e.g. those including "frida" in their names), which can be done by using `_dyld_get_image_name`.
| **Check The Environment For Related Artifacts** | Artifacts can be packaged files, binaries, libraries, processes, and temporary files. For Frida, this could be the frida-server running in the target (jailbroken) system (the daemon responsible for exposing Frida over TCP) or the frida libraries loaded by the app. | Inspecting running services is not possible for an iOS app on a non-jailbroken device. The Swift method [CommandLine](https://developer.apple.com/documentation/swift/commandline "CommandLine") is not available on iOS to query for information about running processes, but there are unofficial ways, such as by using [NSTask](https://stackoverflow.com/a/56619466 "How can I run Command Line commands or tasks with Swift in iOS?"). Nevertheless when using this method, the app will be rejected during the App Store review process. There is no other public API available to query for running processes or execute system commands within an iOS App. Even if it would be possible, bypassing this would be as easy as just renaming the corresponding Frida artifact (frida-server/frida-gadget/frida-agent). Another way to detect Frida, would be to walk through the list of loaded libraries and check for suspicious ones (e.g. those including "frida" in their names), which can be done by using `_dyld_get_image_name`. |
| **Checking For Open TCP Ports** | The frida-server process binds to TCP port 27042 by default. Testing whether this port is open is another method of detecting the daemon. | This method detects frida-server in its default mode, but the listening port can be changed via a command line argument, so bypassing this is very trivial. |
| **Checking For Ports Responding To D-Bus Auth** | `frida-server` uses the D-Bus protocol to communicate, so you can expect it to respond to D-Bus AUTH. Send a D-Bus AUTH message to every open port and check for an answer, hoping that `frida-server` will reveal itself. | This is a fairly robust method of detecting `frida-server`, but Frida offers alternative modes of operation that don't require frida-server. |
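Review bot: The only change in this row is the trailing `|`, which brings it in line with the other rows of the table, but since the row is being touched anyway the same pass could fix two wording issues visible in it: `Nevertheless when using this method` wants a comma after `Nevertheless`, and `Even if it would be possible, bypassing this would be as easy as` should read `Even if it were possible, bypassing this would be as easy as`. Nothing else in the row changes.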
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -28,7 +28,7 @@ This is the official GitHub Repository of the OWASP Mobile Application Security

<br>

## Trusted by ...
## Trusted by

The OWASP MASVS and MASTG are trusted by the following platform providers and standardization, governmental and educational institutions. [Learn more](https://mas.owasp.org/MASTG/0x02b-MASVS-MASTG-Adoption/).

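Review bot: Dropping the ellipsis from `## Trusted by ...` changes the heading's generated anchor (from `#trusted-by-` to `#trusted-by`), so any link into this README that targets the old slug will no longer land on the heading; worth a grep of the repository and the published site for the old anchor before merging.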
2 changes: 1 addition & 1 deletion mitigations/comply-with-privacy-regulations.md
Expand Up @@ -25,4 +25,4 @@ Programmers often trust the operating environment in which a program runs, and t
- [REF-341] Federal Trade Commission. "Financial Privacy: The Gramm-Leach Bliley Act (GLBA)". <https://www.ftc.gov/business-guidance/privacy-security/gramm-leach-bliley-act>. URL validated: 2023-04-07.
- [REF-342] U.S. Department of Human Services. "Health Insurance Portability and Accountability Act (HIPAA)". <https://www.hhs.gov/hipaa/index.html>. URL validated: 2023-04-07.
- [REF-1047] Wikipedia. "General Data Protection Regulation". <https://en.wikipedia.org/wiki/General_Data_Protection_Regulation>.
- [REF-1048] State of California Department of Justice, Office of the Attorney General. "California Consumer Privacy Act (CCPA)". <https://oag.ca.gov/privacy/ccpa>.
- [REF-1048] State of California Department of Justice, Office of the Attorney General. "California Consumer Privacy Act (CCPA)". <https://oag.ca.gov/privacy/ccpa>.
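Review bot: The hunk only adds the missing newline at end of file, which is fine, but while this reference list is being touched note that `[REF-1047]` and `[REF-1048]` lack the `URL validated: YYYY-MM-DD` suffix that `[REF-341]` and `[REF-342]` carry; adding it would keep the entries in one style and make the next link check easier.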
8 changes: 4 additions & 4 deletions techniques/android/MASTG-TECH-0005.md
Expand Up @@ -23,8 +23,8 @@ adb -e install ./myApp.apk
# List all devices
adb devices
List of devices attached
37081JEHN05882 device
emulator-5554 device
37081JEHN05882 device
emulator-5554 device

# Connect to a specific device
adb -s 37081JEHN05882 install ./myApp.apk
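Review bot: This is a whitespace-only change inside the fenced `adb devices` sample (the old and new `37081JEHN05882 device` / `emulator-5554 device` lines are otherwise identical), so no command is affected, but real `adb devices` output separates the serial from the `device` state with a tab; if the linter is replacing that tab with spaces, the block stops being a verbatim capture. Acceptable for documentation, just be aware that a reader diffing it against their own output will see a mismatch.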
Expand Down Expand Up @@ -63,8 +63,8 @@ To install an APK into a specific profile, the APK first has to be pushed to the
# Get an overview of available profiles
adb shell pm list users
Users:
UserInfo{0:Owner:c13} running
UserInfo{11:Sample Managed Profile:1030} running
UserInfo{0:Owner:c13} running
UserInfo{11:Sample Managed Profile:1030} running

# Push to /data/local/tmp/
adb push ./myApp.apk /data/local/tmp/
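Review bot: Same whitespace normalisation as in the `adb devices` block above; `pm list users` indents each `UserInfo{...}` line under `Users:` in its real output, so keep the indentation (as the new lines do) even if the tab character itself has to go to satisfy the hard-tab lint rule.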
65 changes: 33 additions & 32 deletions techniques/android/MASTG-TECH-0109.md
Expand Up @@ -19,67 +19,68 @@ There are generally two approaches to this: **reFlutter** and **Frida**.

1. Patch the app to enable traffic interception.

Run the command to patch the app and select the option **Traffic monitoring and interception** and then enter the IP of the machine on which the interception proxy is running.
Run the command to patch the app and select the option **Traffic monitoring and interception** and then enter the IP of the machine on which the interception proxy is running.

```plaintext
$ reflutter demo.apk
```plaintext
$ reflutter demo.apk
Choose an option:
Choose an option:
Traffic monitoring and interception
Display absolute code offset for functions
Traffic monitoring and interception
Display absolute code offset for functions
[1/2]? 1
[1/2]? 1
Example: (192.168.1.154) etc.
Please enter your BurpSuite IP: 192.168.29.216
```
Example: (192.168.1.154) etc.
Please enter your BurpSuite IP: 192.168.29.216
```

This will create a **release.RE.apk** file in the output folder.
This will create a **release.RE.apk** file in the output folder.

2. Sign the patched **release.RE.apk** file (e.g. using the [uber-apk-signer](https://github.com/patrickfav/uber-apk-signer)).

```bash
java -jar uber-apk-signer.jar -a release.RE.apk --out demo-signed
```
```bash
java -jar uber-apk-signer.jar -a release.RE.apk --out demo-signed
```

This will create a **release.RE-aligned-debugSigned.apk** file in the output folder.
This will create a **release.RE-aligned-debugSigned.apk** file in the output folder.

3. Install the signed patched app on the mobile device.

4. Configure the interception proxy. For example, in Burp:

- Under Proxy -> Proxy settings -> Add new Proxy setting.
- Bind listening Port to `8083`.
- Select `Bind to address` to `All interfaces`.
- Request Handling -> support for invisible proxying.
- Under Proxy -> Proxy settings -> Add new Proxy setting.
- Bind listening Port to `8083`.
- Select `Bind to address` to `All interfaces`.
- Request Handling -> support for invisible proxying.

5. Open the app and start intercepting traffic.

## Intercepting Traffic using ProxyDroid / iptables with Frida

1. Configure [proxyDroid](https://blog.nviso.eu/2019/08/13/intercepting-traffic-from-android-flutter-applications/) or iptables rules to redirect requests to Burp.

If not using proxyDroid, execute the following commands on the rooted Android device to configure iptables to redirect the incoming requests from the application to Burp:
```bash
$ iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination <Your-Proxy-IP>:8080
If not using proxyDroid, execute the following commands on the rooted Android device to configure iptables to redirect the incoming requests from the application to Burp:

$ iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination <Your-Proxy-IP>:8080
```
```bash
$ iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination <Your-Proxy-IP>:8080
$ iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination <Your-Proxy-IP>:8080
```

2. Install the [app](../../apps/android/MASTG-APP-0016.md) on the mobile device.

3. Configure the interception proxy. For example, in Burp:

- Under Proxy -> Proxy settings -> Add new Proxy setting.
- Bind listening Port to `8080`.
- Select `Bind to address` to `All interfaces`.
- Request Handling -> support for invisible proxying.
- Under Proxy -> Proxy settings -> Add new Proxy setting.
- Bind listening Port to `8080`.
- Select `Bind to address` to `All interfaces`.
- Request Handling -> support for invisible proxying.

4. Run the [disable-flutter-tls.js](../../tools/generic/MASTG-TOOL-0101.md) frida script.

```bash
frida -U -f eu.nviso.flutterPinning -l disable-flutter-tls.js
```
```bash
frida -U -f eu.nviso.flutterPinning -l disable-flutter-tls.js
```

5. Start intercepting traffic.
5. Start intercepting traffic.
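Review bot: In the re-fenced iptables block (the two `iptables -t nat -A OUTPUT ... -j DNAT --to-destination <Your-Proxy-IP>:8080` lines), the `$ ` prompt prefix is inconsistent with the other `bash` blocks in this hunk (`java -jar uber-apk-signer.jar ...` and `frida -U -f ...` carry no prompt) and breaks copy-paste; drop it, or fence the block as `plaintext` the way the interactive `reflutter` session is. One content point while the block is being moved: the rules only redirect destination ports 80 and 443, so an app that talks to a non-standard port will bypass Burp entirely, and a sentence saying so next to the rules would save readers a confusing empty proxy history.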
2 changes: 1 addition & 1 deletion tests/ios/MASVS-PLATFORM/MASTG-TEST-0070.md
Expand Up @@ -473,7 +473,7 @@ You can now keep going and try to trace and verify how the data is being validat
In some cases, you might find data in `userInfo` of the `NSUserActivity` object. In the previous case there was no data being transferred but it might be the case for other scenarios. To see this, be sure to hook the `userInfo` property or access it directly from the `continueUserActivity` object in your hook (e.g. by adding a line like this `log("userInfo:" + ObjC.Object(args[3]).userInfo().toString());`).
##### Final Notes about Universal Links and Handoff
### Final Notes about Universal Links and Handoff
Universal links and Apple's [Handoff feature](https://developer.apple.com/library/archive/documentation/UserExperience/Conceptual/Handoff/HandoffFundamentals/HandoffFundamentals.html#//apple_ref/doc/uid/TP40014338 "Handoff Fundamentals: About Handoff") are related:
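Review bot: The heading is raised from `#####` to `###` in one step; that satisfies a heading-increment lint only if the enclosing section is `##`, so double-check the preceding headings in this test file so that `Final Notes about Universal Links and Handoff` sits exactly one level below its parent and the earlier `#####` was not deliberate nesting under a `####` subsection.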
2 changes: 1 addition & 1 deletion tools/ios/MASTG-TOOL-0048.md
Expand Up @@ -30,4 +30,4 @@ $ dsdump --objc --color --verbose=5 --arch arm64 --defined [APP_MAIN_BINARY_FILE
$ dsdump --swift --color --verbose=5 --arch arm64 --defined [APP_MAIN_BINARY_FILE] > /tmp/SWIFT.txt
```

You can find more information about the inner workings of dsdump and how to programmatically inspect a Mach-O binary to display the compiled Swift types and Objective-C classes in [this article](https://derekselander.github.io/dsdump/ "Building a class-dump in 2020").
You can find more information about the inner workings of dsdump and how to programmatically inspect a Mach-O binary to display the compiled Swift types and Objective-C classes in [this article](https://derekselander.github.io/dsdump/ "Building a class-dump in 2020").
2 changes: 1 addition & 1 deletion tools/ios/MASTG-TOOL-0049.md
Expand Up @@ -4,4 +4,4 @@ platform: ios
source: https://github.com/nowsecure/frida-cycript
---

A fork of Cycript including a brand new runtime called Mjølner powered by Frida. This enables frida-cycript to run on all the platforms and architectures maintained by frida-core - <https://github.com/nowsecure/frida-cycript>
A fork of Cycript including a brand new runtime called Mjølner powered by Frida. This enables frida-cycript to run on all the platforms and architectures maintained by frida-core - <https://github.com/nowsecure/frida-cycript>
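Review bot: Only the end-of-file newline changes here, but the sentence still ends with ` - <https://github.com/nowsecure/frida-cycript>`, which duplicates the `source:` field already in the front matter two lines above; dropping the trailing link and ending the sentence with a period would avoid the repetition.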
