From 6c57f1e2a55d4d72321445faf3eec0766e9f66f3 Mon Sep 17 00:00:00 2001
From: ScreaM <70141504+ScreaMy7@users.noreply.github.com>
Date: Tue, 26 Nov 2024 17:36:41 +0530
Subject: [PATCH 1/2] port 0x24

---
 .../android/MASVS-PLATFORM/MASTG-TEST-0x24.md | 28 +++++++++++++++++++
 .../android/MASVS-PLATFORM/MASTG-TEST-0024.md |  3 ++
 2 files changed, 31 insertions(+)
 create mode 100644 tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md

diff --git a/tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md b/tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md
new file mode 100644
index 0000000000..77c99c1ced
--- /dev/null
+++ b/tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md
@@ -0,0 +1,28 @@
+---
+platform: android
+title: Testing for App Permissions
+id: MASTG-TEST-0x24
+---
+
+## Overview
+Testing for app permissions in Android involves evaluating how an application requests, uses, and manages permissions to ensure they do not lead to security vulnerabilities. Proper permission management should protect sensitive user data and ensure that the application complies with Android's security model. The test aims to detect misconfigurations and unnecessary permissions.
+
+## Steps
+
+**Static analysis**
+ 1. Decompile the APK using tools like @MASTG-TOOL-0011.
+ 2. Examine the `AndroidManifest.xml` file for declared permissions by searching for `<uses-permission` tags.
+ 3. Review the permissions with the developer to identify the purpose of each permission set and remove unnecessary or dangerous permissions.
+
+**Dynamic analysis**
+ 1. Permissions for installed applications can be retrieved with @MASTG-TOOL-0004.
+ 2. Use the @MASTG-TOOL-0004 with the following command :
+`$  adb shell dumpsys package sg.vp.owasp_mobile.omtg_android`
+
+  Please refer to this [permissions overview ↗](https://developer.android.com/guide/topics/permissions/overview#permission-groups "Table 1. Dangerous permissions and permission groups.") for descriptions of the listed permissions that are considered dangerous.
+
+## Observation
+The output shows the list of permissions used by the application.
+
+## Evaluation
+The test will fail if the correct permissions are used.
\ No newline at end of file
diff --git a/tests/android/MASVS-PLATFORM/MASTG-TEST-0024.md b/tests/android/MASVS-PLATFORM/MASTG-TEST-0024.md
index 93c9574b7c..e78e6698bf 100644
--- a/tests/android/MASVS-PLATFORM/MASTG-TEST-0024.md
+++ b/tests/android/MASVS-PLATFORM/MASTG-TEST-0024.md
@@ -8,6 +8,9 @@ title: Testing for App Permissions
 masvs_v1_levels:
 - L1
 - L2
+status: deprecated
+covered_by: [MASTG-TEST-0x24]
+deprecation_note: New version available in MASTG V2
 ---
 
 ## Overview

From eb5cdf7ff052238ec632b6ad9689852aafb250ef Mon Sep 17 00:00:00 2001
From: ScreaM <70141504+ScreaMy7@users.noreply.github.com>
Date: Tue, 26 Nov 2024 17:47:49 +0530
Subject: [PATCH 2/2] markdown fix

---
 tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md b/tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md
index 77c99c1ced..7bf2a40cf1 100644
--- a/tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md
+++ b/tests-beta/android/MASVS-PLATFORM/MASTG-TEST-0x24.md
@@ -5,16 +5,19 @@ id: MASTG-TEST-0x24
 ---
 
 ## Overview
+
 Testing for app permissions in Android involves evaluating how an application requests, uses, and manages permissions to ensure they do not lead to security vulnerabilities. Proper permission management should protect sensitive user data and ensure that the application complies with Android's security model. The test aims to detect misconfigurations and unnecessary permissions.
 
 ## Steps
 
-**Static analysis**
+### Static analysis
+
  1. Decompile the APK using tools like @MASTG-TOOL-0011.
  2. Examine the `AndroidManifest.xml` file for declared permissions by searching for `<uses-permission` tags.
  3. Review the permissions with the developer to identify the purpose of each permission set and remove unnecessary or dangerous permissions.
 
-**Dynamic analysis**
+### Dynamic analysis
+
  1. Permissions for installed applications can be retrieved with @MASTG-TOOL-0004.
  2. Use the @MASTG-TOOL-0004 with the following command :
 `$  adb shell dumpsys package sg.vp.owasp_mobile.omtg_android`
@@ -22,7 +25,9 @@ Testing for app permissions in Android involves evaluating how an application re
   Please refer to this [permissions overview ↗](https://developer.android.com/guide/topics/permissions/overview#permission-groups "Table 1. Dangerous permissions and permission groups.") for descriptions of the listed permissions that are considered dangerous.
 
 ## Observation
+
 The output shows the list of permissions used by the application.
 
 ## Evaluation
-The test will fail if the correct permissions are used.
\ No newline at end of file
+
+The test will fail if the correct permissions are used.