Continuous Dynamic MAST Vulnerability Classes

Mobile Business Logic Assessment (BLA)

Mobile Business Logic Assessment (BLA) utilizes a combined approach of manual security testing augmented with automated scanning.

Testing Methodology Covered By Mobile BLA

Application behavioral analysis

Backend API services

Business logic assessment

Client-side testing

Client-server interaction

Device data forensics

Dynamic black box testing

Network testing

Run-time analysis

Technical - Domains Covered By Mobile BLA

Abuse of functionality

Authentication

Authorization

Cryptography

Session management

Injections

Input handling

Information leakage

Technical - WhiteHat Mobile BLA Vulnerability Categories

Abuse of Functionality

Access Control: File Permissions

Application Misconfiguration: ARC Disabled

Application Misconfiguration: Backup Allowed

Application Misconfiguration: Debug Attribute

Application Misconfiguration: Stack Smashing Protection Disabled

Binary Protection: Insufficient Code Obfuscation

Binary Protection: Insufficient Jailbreak / Root Detection

Brute Force: Case-Insensitive Password

Brute Force: Login Automation

Brute Force: User Enumeration

Content Spoofing

Credential/Session Prediction

Cross Site Request Forgery

Cross Site Scripting

Cryptography: Custom Algorithm

Cryptography: Hardcoded IV

Cryptography: Hardcoded Key

Cryptography: Improper Certificate Expiration

Cryptography: Improper Certificate Validation

Cryptography: Improper Pseudo-Random Number Generator Usage

Cryptography: Insecure Cipher

Cryptography: Insecure Cipher Mode

Cryptography: Insecure Cipher Padding

Cryptography: Insecure Digest

Cryptography: Non-Unique Keys

Directory Indexing

Disclosure: Hardcoded Password

Information Leakage: Application Cache

Information Leakage: Application Snapshots (Backgrounding)

Information Leakage: Error Disclosure

Information Leakage: Internal Environment

Information Leakage: IP Address

Information Leakage: Logging

Information Leakage: NSURL Cache

Information Leakage: Password

Information Leakage: Sensitive Data

Information Leakage: Sensitive Data Over GET

Information Leakage: Server Version

Injection: HTTP Response Splitting

Insecure Data Storage

Insecure Data Storage: Cookies

Insecure Data Storage: Core Data

Insecure Data Storage: Database Storage

Insecure Data Storage: External Storage

Insecure Data Storage: Plist

Insecure Data Storage: Shared Preferences

Insecure Domain Whitelist

Insecure Password Policy

Insufficient Authentication

Insufficient Authentication: Basic Authentication Usage

Insufficient Authorization (Insecure Direct Object Reference)

Insufficient Password Recovery

Insufficient Process Validation

Insufficient Session Expiration

Insufficient Transport Layer Protection

Interprocess Communication: Insecure Activity

Interprocess Communication: Insecure Broadcast Receiver

Interprocess Communication: Insecure Content Provider

Interprocess Communication: Insecure URL Schemes

Interprocess Communication: Intent Hijacking

LDAP Injection

Non-HttpOnly Session Cookie

OS Commanding

Path Traversal

Position Independent Execution

Predictable Resource Location

Remote File Inclusion

Session Fixation

SQL Injection

Unsecured Session Cookie

URL Redirector Abuse

XML External Entity Injection

Technical Vulnerabilities Covered by Mobile BLA - OWASP Mobile Top 10 (2016)

Vulnerability    Description
M1               Improper Platform Usage
M2               Insecure Data Storage
M3               Insecure Communication
M4               Insecure Authentication
M5               Insufficient Cryptography
M6               Insecure Authorization
M7               Client Code Quality
M8               Code Tampering
M9               Reverse Engineering
M10              Extraneous Functionality