RECONNAISSANCE

🔦 Reconnaissance is the process of gathering information about the application and about the host/client on which it runs, in order to understand its functional and non-functional requirements.

Recon can be done at different levels of the computing environment for a thick client:

  • Application level

  • Host level

  • Storage level

  • Network level

Some of the information we can gather during this process:

  • Application structure, design, functionality and the way it is built (technology stack)

  • File and folder access performed by the application

  • Application network traffic, to understand its communication with the server

  • Sensitive data stored in the application package, since the application may disclose information

  • Information about the host is also important, as we can check whether a host vulnerability can be used to exploit the application

💠 Application Level

  1. Improper error handling

  2. SQL Injection

  3. Parameter Tampering

  4. File Upload

  5. Insecure storage

  6. Broken authentication & session management

  7. Business logic

  8. Denial of service

  9. Buffer overflow

  10. Digital signature verification (SignTool)

💠 Host Level

  1. Cracking Windows system password

  2. Windows system privilege escalation

  3. DLL Injection

💠 Storage Level

  1. Logs

  2. Cache files

  3. Configuration files
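
A storage-level check over the three file types listed above, as an added example that is not part of the original page: it walks an install directory, sorts files into log, cache and config by suffix, and reports where credential-like values sit in clear text without echoing the values. The suffix mapping, the patterns and the sample directory are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Storage-level categories from the list above, keyed by file suffix (assumed mapping).
CATEGORIES = {
    ".log": "log",
    ".cache": "cache", ".tmp": "cache",
    ".config": "config", ".ini": "config", ".xml": "config", ".json": "config",
}

# Assumed patterns for values that should not sit in clear text on disk.
PATTERNS = {
    "credential": re.compile(r"(?i)\b(password|passwd|pwd|secret|api[_-]?key)\b\s*[=:]\s*\S+"),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[a-z0-9._~+/-]{16,}"),
}

def scan_tree(root):
    """Return (relative path, category, line number, pattern name) for each hit."""
    findings = []
    root = Path(root)
    for path in sorted(root.rglob("*")):
        category = CATEGORIES.get(path.suffix.lower())
        if category is None or not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), start=1):
            for name, pattern in PATTERNS.items():
                if pattern.search(line):
                    # Record where the value is, never the value itself.
                    findings.append((path.relative_to(root).as_posix(), category, lineno, name))
    return findings

def demo():
    """Build a constructed install directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "logs").mkdir()
        (root / "app.config").write_text(
            '<add key="Server" value="db01" />\n'
            "<!-- Password=Example123 -->\n")
        (root / "logs" / "client.log").write_text(
            "INFO start\nDEBUG Authorization: Bearer abcdefghijklmnop1234\n")
        (root / "session.cache").write_text("theme=dark\n")
        return scan_tree(root)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```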

💠 Network Level

  1. Intercept network calls (HTTP, TCP or socket communication)
