Hi everyone,
I wanted to know: what should be the first thing to test in code? Which keywords should I look for? Or what are the most common vulnerabilities in source code?
Thanks!
Seems duplicate. Since replies are already in the other thread, this one can be deleted.
I don’t think so, roaring.
This one is for code and the other one is more focused on the app, isn’t it?
The most common vulnerabilities found in code are the following:
- Search for "select" or "insert" concatenated in strings.
- Use asserts to check the code for vulnerable dependencies, or something like SourceClear.
- Look for strings like "key", "user", "pass", "aws", "secret" in the code; you can also check the git history with truffleHog for credentials.
- Find the login and register functions in the code and check if the error messages say somehow that the user is invalid.
- If you find, for example, database credentials, check whether you can connect to it from the internet without special permissions. Also, if it is IaC, you can check whether someone can connect to administrative ports like 22 from 0.0.0.0.
- Search for insecure random functions like math.random.
- Find the register or change-password function to check the password policy; you can use this rule.
- Try to use the web services listed in the code without authentication, especially the ones that get data from a database.
- If it is an application, look for "root" or "jailbreak" in the code and check whether they validate those states.
- Search the code for the usage of insecure algorithms like 3DES or Blowfish.
- Look for the login page and check if there is a captcha.
- Check the code for generic exceptions, but you need to be sure that they are not managing the exceptions further up in the code.
- Check the code for captcha functions without a call to a log, but you need to be sure that they are not saving the event further up in the code.
- Search the code for words like "valid" and check those functions.
- Search the code for "switch" without a "default" case.
- Simply check for commented-out portions of code.
- Search for keywords like "token" or "jwt" and check how it is generated.
- Check if there are libraries installed directly in the source code.
There are more vulnerabilities that can be found in code, but these are the easiest to find and the first that need to be checked in every project.
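As an added example (not written by the thread's author), here is a small Python script that turns the grep-style checks in the answer above into regex rules run over a constructed sample file, plus a brace-matching pass for switch statements without a default case. The rule patterns, the rule names and the sample source are my own assumptions, and they are a heuristic first pass to triage a code base, not a substitute for a real SAST tool.

```python
import re

# Constructed rules that mirror the checklist above; heuristic grep, not a real SAST engine.
RULES = {
    "sql-concat": re.compile(r"""\b(select|insert)\b[^;\n]*(["']\s*\+|\{)""", re.I),
    "hardcoded-secret": re.compile(r"""\b\w*(key|user|pass|aws|secret)\w*\s*[:=]\s*["'][^"']{4,}["']""", re.I),
    "insecure-random": re.compile(r"\bMath\.random\s*\(|\brandom\.(random|randint|choice)\s*\(", re.I),
    "weak-cipher": re.compile(r"\b(3des|des-ede3|tripledes|blowfish)\b", re.I),
}

def scan_source(source: str) -> list[tuple[str, int, str]]:
    """Return (rule, line_no, line) for every rule that fires on a line; comments are scanned too."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for rule, pattern in RULES.items():
            if pattern.search(line):
                findings.append((rule, line_no, line.strip()))
    return findings

def switches_without_default(source: str) -> list[int]:
    """Line numbers of `switch (...) { ... }` blocks whose brace-matched body has no `default:`."""
    missing = []
    for m in re.finditer(r"\bswitch\s*\(", source):
        start = source.find("{", m.end())
        if start == -1:
            continue
        depth, i = 0, start
        while i < len(source):  # walk forward to the brace that closes this switch body
            depth += {"{": 1, "}": -1}.get(source[i], 0)
            if depth == 0:
                break
            i += 1
        if not re.search(r"\bdefault\s*:", source[start:i]):
            missing.append(source.count("\n", 0, m.start()) + 1)  # 1-based line of the switch
    return missing

# Constructed JavaScript-like sample that triggers each check exactly once (placeholder values only).
SAMPLE = """\
const AWS_SECRET = "AKIAEXAMPLEPLACEHOLDER";
function findUser(name) {
  const q = "select * from users where name = '" + name + "'";
  return db.run(q);
}
const token = Math.random().toString(36);
const cipher = crypto.createCipheriv("des-ede3", key, iv); // 3des
switch (role) {
  case "admin": grant(); break;
  case "user": limited(); break;
}
"""
```

Calling `scan_source(SAMPLE)` reports the hardcoded secret, the SQL concatenation, the insecure random and the weak cipher with their line numbers, and `switches_without_default(SAMPLE)` returns the line of the switch that has no default case.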