Current: Red Team in FinTech | Former: Red Team @Cruise, @Apple, and @PwC | I tweet about security, software, entrepreneurship, fitness, and eccentric badasses
Jun 17, 2020 • 4 tweets • 1 min read
how to find vulnerabilities in code:
- search for dangerous functionality
- find a path from input you control to that dangerous functionality
- test your exploit by isolating and running critical parts of the code locally
how to find dangerous functionality:
pay special attention to:
- high concentration of security "bad words" (eval, exec, raw, privileged, YAML, merge, reflect, etc)
- string parsing (dynamic langs, SQL, URLs, file paths, etc)
- code handling security stuff (authN, authZ, crypto)