fix markdown, update tool execution command

OWASP · Nov 7, 2024 · a5636b0 · a5636b0
1 parent 98b6d68
commit a5636b0
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 4 deletions.
diff --git a/techniques/android/MASTG-TECH-0116.md b/techniques/android/MASTG-TECH-0116.md
@@ -19,7 +19,6 @@ Verified for SourceStamp: false
 Number of signers: 1
 ```
 
-
 ## Additional Signature Information
 
 Additional information about the signature including fields from the signing certificate, digest and key information can be also examined with @MASTG-TOOL-0123:

diff --git a/tests-beta/android/MASVS-RESILIENCE/MASTG-TEST-0x38.md b/tests-beta/android/MASVS-RESILIENCE/MASTG-TEST-0x38.md
@@ -11,12 +11,12 @@ weakness: MASWE-0104
 
 Applications need to be properly signed to safeguard their integrity and protect them from tampering. Android has evolved its signing schemes over time to enhance security, with newer versions offering more robust mechanisms. Check [APK Signing Schemes](../../../Document/0x05a-Platform-Overview.md#signing-process) for more details.
 
-This test checks if the insecure v1 signature scheme is enabled for applications targetting Android 7.0 (API level 24) and above.
+This test checks if the insecure v1 signature scheme is enabled for applications targeting Android 7.0 (API level 24) and above.
 
 ## Steps
 
 1. Obtain the `minSdkVersion` attribute from the AndroidManifest.xml, e.g., via @MASTG-TOOL-0121.
-2. List all used signature schemes using @MASTG-TECH-0116 to verify the APK signatures.
+2. List all used signature schemes using the `verify` command of @MASTG-TOOL-0123 as shown in @MASTG-TECH-0116.
 
 ## Observation
 

diff --git a/tools/android/MASTG-TOOL-0123.md b/tools/android/MASTG-TOOL-0123.md
@@ -4,4 +4,4 @@ platform: android
 source: https://developer.android.com/tools/apksigner
 ---
 
-[apksigner](https://developer.android.com/tools/apksigner), available in revision 24.0.3 and higher of the Android SDK Build Tools, is contained in the @MASTG-TOOL-0006 at `[SDK-Path]/build-tools/[version]/apksigner` and can be used to verify APK signatures, rotate keys and display additional information about the signing certificates and keys.
+[apksigner](https://developer.android.com/tools/apksigner), available in revision 24.0.3 and higher of the Android SDK Build Tools, is contained in the @MASTG-TOOL-0006 at `[SDK-Path]/build-tools/[version]/apksigner` and can be used to verify APK signatures, rotate keys and display additional information about the signing certificates and keys.