Mobile Application Pentest Requirements

The application(s) provided for testing or a link to download it on App store/ Google Play store
List of APIs accessed by the application
- Swagger, WSDL, or Postman collection for the APIs | Optional but recommended

IPA files for iOS apps and/or APK files for Android apps
- The source code of the application for static testing (if not available, please inform the team so we can attempt to extract them)
- 2 sets of credentials for each existing role or level of access to be tested (all levels recommended)
The ability to create our own credentials at these levels also works fine
- Pre-loaded dummy data where applicable | Optional but recommended
- Information on whether the environment is staging or production.