LibTech-Auditing-Cheatsheet # technical things to look for when auditing extremely high value applications

Introduction

This list is intended to be a list of additional or more technical things to look for when auditing extremely high value applications. The applications may involve operational security for involved actors (such as law enforcement research), extremely valuable transactions (such as a Stock Trading Application), societal issues that could open users to physical harassment (such as a Gay Dating Application), or technologies designed to be used by journalists operating inside repressive countries.

It is an advanced list – meaning entry level issues such as application logic bypasses, common web vulnerabilities such as XSS and SQLi, or lower level vulnerabilities such as memory corruption are explicitly not covered. It is assumed that the reader is aware of these and similar vulnerabilities and is well trained in their search, exploitation, and remediation.

A good example of the type of analysis to strive for can be shown in Jacob Appelbaum’s analysis of UltraSurf: https://media.torproject.org/misc/2012-04-16-ultrasurf-analysis.pdf

The Stuff

…continues at iSECPartners/LibTech-Auditing-Cheatsheet · GitHub.

ht @runasand

 

One thought on “LibTech-Auditing-Cheatsheet # technical things to look for when auditing extremely high value applications

  1. Dave Walker

    Argh!

    Great idea, and a good set of checks (why not release the document as .odt, though?), but there’s one really, really big problem:

    “entry level issues such as application logic bypasses, common web vulnerabilities such as XSS and SQLi, or lower level vulnerabilities such as memory corruption are explicitly not covered. It is assumed that the reader is aware of these and similar vulnerabilities and is well trained in their search, exploitation, and remediation.”

    What if the authors’ idea of what’s too entry / low-level, and the reader’s idea of what’s too entry / low-level, differ? This list as it stands, prsents a risk of getting a gap in the nominal middle of the checklist, and nobody would be any the wiser!

    (Too little bandwidth to look at fixing it, right now)

    Reply

Leave a Reply