From 22d79f5fdfb7d8ffb6d4657dbcb121da6750014d Mon Sep 17 00:00:00 2001
From: Thomas Cannon <thomascannon@users.noreply.github.com>
Date: Tue, 7 May 2024 13:43:25 +0100
Subject: [PATCH] Update test.md links with relative paths and add a test step
 to take a before-snapshot

Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
---
 .../data-unencrypted-internal/android-data-in-sandbox/test.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md b/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md
index 291ac8f602..bee3501751 100644
--- a/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md
+++ b/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md
@@ -19,7 +19,9 @@ This has the limitation that you won't know the APIs and locations in your code
 
 1. Start the device.
 
-2. Launch and use the app going through the various workflows while inputting sensitive data wherever you can. Taking note of the data you input can help identify it later using tools to search for it.
+2. Take a first [copy of the app's private data directory](../../../../../techniques/android/MASTG-TECH-0008.md) to have as a reference for offline analysis.
+
+3. Launch and use the app going through the various workflows while inputting sensitive data wherever you can. Taking note of the data you input can help identify it later using tools to search for it.
 
 3. Take a copy of the app's private data directory for offline analysis. See: https://mas.owasp.org/MASTG/techniques/android/MASTG-TECH-0008.