In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
Examples of behavior that contribute to creating a positive environment include:
- Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
- Focusing on what is best for the community
- Showing empathy toward other community members
Examples of unacceptable behavior by participants include:
- The use of sexualized language or imagery, and unwelcome sexual attention or advances
- Trolling, insulting or derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or electronic address, without explicit permission
- Misusing the context of the Mobile Application Security project for commercial purposes (e.g., adding sales pitches to the guide or to communication channels used by the project, such as Slack)
- Other conduct which could reasonably be considered inappropriate in a professional setting
Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned with this Code of Conduct, or to temporarily or permanently ban any contributor for behaviors they deem inappropriate, threatening, offensive, or harmful.
The OWASP MAS and its materials are conceived for educational and research purposes only, or for professional security testers analyzing mobile applications with approval from the app owner (e.g., as part of a penetration test or bug bounty program).
Refrain from violating the laws of your country by carefully consulting them before executing any tests against mobile applications when utilizing OWASP MAS materials.
The OWASP MAS project does not support unethical activities in any way. If you encounter such requests, please reach out to the project leaders and raise the issue with them.
Neither OWASP, the OWASP MAS project leaders, authors, nor anyone else involved in this project takes responsibility for your actions.
The intention of the OWASP MAS project is not to encourage hacking or malicious activities. Instead, its goal is to document different attacks against mobile applications, outline their risks, and offer ways to reduce or mitigate those risks.
This Code of Conduct applies within all project spaces and in public spaces when an individual is representing the project or its community. Examples of representation include using an official project email address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation may be further defined and clarified by project maintainers.
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at:
All complaints will be reviewed and investigated, and appropriate action will be taken based on the circumstances. The project team is obligated to maintain confidentiality regarding the reporter of an incident. Additional details of enforcement policies may be posted separately.
Project maintainers who fail to follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions, as determined by other members of the project's leadership.
This Code of Conduct is adapted from the Contributor Covenant, version 1.4, available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
For answers to common questions about this Code of Conduct, see the Contributor Covenant FAQ.