Website Source Code Security Analysis

Website Source Code Security Analysis


Job Description

Source Code Analysis steps:

Application's logic discovering – analysis of application logic, identification of potentially vulnerable places.
Source code analysis – vulnerabilities discovering in application source code.
Risk assessment - potential damage assessment of every discovered vulnerability.
Fixing vulnerabilities – making of ready patches or development of vulnerability elimination recommendations.
Creating a detailed report.

List of attack classes which should be checked:

XSS (Cross Site Scripting)
SQL Injection
Authentication Bypass
Insufficient Authorization
Weak Password Recovery Validation
Client-side Attacks
Shell Command Execution
Code Insertion/Execution
Information Disclosure
Path Traversal
Predictable Resource Location
Abuse of Functionality
Insufficient Anti-automation

Best regards


Skills: analysis