Checklist for Secure Code Review of an Enterprise Product
January 8, 2015 · No comments
As part of penetration testing and secure code review engagements with product companies, we generally found that 7 to 12 year old product has code base massive in size and scale, what they call internally a “Beast”. Interestingly, we get only few weeks to tame the beast!!! In this blog post, my objective is to describe baseline threat model and checklist to evaluate security of an enterprise product. It will also describe a high-level approach that can be used in any source code / architecture review engagement. Secure Code Review Steps: Create Architecture For a large and complex enterprise product,...
What is ShellShock Bug? Shellshock is a security vulnerability(CVE-2014-6271) in the widely used Unix Bash Shell which was discovered by Stéphane Chazelas on 12 September 2014 and disclosed on 24 September 2014. Subsequently, various researchers have discovered multiple other vulnerabilities in bash. What is the Vulnerability? The Unix Bash Shell stores exported function definitions in environment variables. When a new instance of bash is launched, it reads these specially crafted environment variables, and interprets them as function definitions. Unfortunately, due to insufficient constraints in the determination of acceptable function-like strings in the environment, the parsing of these function definitions from the environment variables...
There has been a lot of buzz about Heartbleed in the news recently. In this blog post, we have tried to put together the important things that one should know about Heartbleed. What is Heartbleed? Heartbleed is the popular name given to the recently found vulnerability(CVE-2014-0160) inOpenSSL – an open-source encryption library. More specifically, this is a bug in the OpenSSL Heartbeat protocol which results in a vulnerable server to leak or bleed confidential content in its memory space (and hence the name ‘Heartbleed’). What’s Heartbleed bug? OpenSSL is the most popular open-source library providing implementations of various cryptographic functions and SSL/TLS...
Over the past decade, E-Commerce applications have grown both in terms of numbers and complexity. Currently, E-Commerce application are going forward becoming more personalized, more mobile friendly and rich in functionality. Complicated recommendation algorithms are constantly running at the back end to make content searching as personalized as possible. Why a conventional application penetration testing is not enough for E-commerce Applications? E-Commerce applications are growing in complexity, as a result conventional application penetration is simply not enough. Conventional application penetration testing focus on vulnerability classes described in OWASP or WASC standards like SQL Injection, XSS, CSRF etc. (Read More: 5...
“The Art of Starting Small” for implementing secure SDLC
March 27, 2014 · No comments
Must Know Business Logic Vulnerabilities In Banking Applications
January 23, 2013 · 4 comments
Business Logic Testing for Banking and Financial Applications
February 6, 2014 · 3 comments
A Lazy Pen Tester’s Guide to Testing Flash Applications
February 5, 2010 · 3 comments
Advanced Persistent Threats Antivirus application penetration testing Application security Application Security Testing application security testing vendor Appliction Security testing attack tree Automated Penetration Testing Big Data Security Browser Cookies Business Logic Testing Business Logic Vulnerabilities Bypassing XSS Filters Cross Site Scripting DAST Dynamic Application Security Testing Ethical Hacking Firewall Guidelines for Pen-Testing a Joomla Based Site iviz security man in browser attacks Microsoft Share point Vulnerability Mobile Application Security Testing online application security online banking security Penetration Test Penetration Testing Pentest Pen Tester SaaS Applications SAST sast and dast secure your Big Data Implementation security products vulnerabilities Security Storm security testing security vulnerabilities Static Application Security Testing vulnerabilities in security products vulnerability assessment Web Application Security Testing web application vulnerability xss filters XSS Injection