At the start, target information is collected from the client. We determine the in-scope items, such as application binaries (IPA and/or APK), any applicable IP addresses or IP address ranges, APIs, authentication credentials, and similar assets.
We then conduct a review of publicly available information and resources to identify any sensitive information that may help during the subsequent phases of testing. This information could include email addresses, usernames, software information, user manuals, forum posts, etc. In this phase, we intercept and examine the application traffic using proxies. This process will provide us with information about the mobile application and its communication with the backend server.
For each in-scope mobile binary, we scan the application to identify vulnerabilities using various open-source and commercial tools. The vulnerabilities reported by the tools are then manually analysed to eliminate any false positives. We also decompile the code to search for any sensitive or useful information, such as hardcoded values and comments, that could be used during exploitation.
With the intelligence at hand, we will attempt to exploit the potential vulnerabilities identified during previous phases. This process is carried out to evaluate the risk level associated with the successful exploitation of a vulnerability, analyse the possibility of exploit/attack vectors, and account for any mitigating controls that may be in place.
After completing the assessment, SecureTriad provides an assessment report that includes an executive summary and technical findings. The executive summary is written for management consumption and is a high-level overview of assessment activities, scope, the most critical issues discovered, and overall risk scoring. We also include strategic recommendations to assist business leaders in making informed decisions regarding the application. The technical findings list every vulnerability individually, with the details needed to reproduce the issue (including screenshots), an explanation of the potential risk, recommended remediation actions, and helpful reference links.