| Message | Description |
|---|---|
| Allow Backup Check |
Checks to determine whether the allowBackup flag within the Android Manifest is set to False. If this flag is enabled, it could allow easier access to the application files stored on the device. Analysis Category: Code |
| APK Info |
The activities called for by an app are an important part of understanding the application's life cycle from the initial main activity launch to the final activity shutdown. The main activity is the main entry point into the application's user interface. Analysis Type: Dynamic |
| Arbitrary Code Execution Observed |
Checks for arbitrary code execution. When executable code is world-writable, another app could swap the file and gain code execution capabilities in other apps. Analysis Type: Dynamic |
| Arbitrary Code Execution Probable |
Checks for arbitrary code execution. When executable code is world-writable, another app could swap the file and gain code execution capabilities in other apps. Analysis Type: Dynamic |
| Automation Info |
Details of the automated interaction. Analysis Type: Dynamic |
| Behavioral Events |
Programmatic interactions are logged during dynamic analysis. Results are shown in the forensic data. Analysis Type: Dynamic |
| Certificate Validity Check |
Checks to see if the certificate used for this application compilation is valid to determine whether the certificate is expired or is set to expire within 30 days. Analysis Category: Code |
| Cookie Without HttpOnly Flag |
Analyzes the attributes set within the cookies used by the app to determine if the “httponly” flag is set. When a cookie is set with the “httponly” flag, it instructs the browser that the cookie can only be accessed by the server and not by client-side scripts. This is an important security protection for session cookies and can prevent attacks, like cross-site scripting (XSS), as the cookie cannot be accessed via client-side (e.g., using a JavaScript code snippet). Analysis Type: Dynamic |
| Cookie Without Secure Flag |
Analyzes the attributes set within the cookies used by the app to determine if the “secure” flag is set. When set to “true,” the “secure” flag tells the browser to only send the cookie if the request is sent using a secure channel. This ensures the cookie is not transmitted over unencrypted requests. Analysis Type: Dynamic |
| Debug Flag Check |
Checks to determine whether the application was compiled with the debuggable flag enabled in the Android manifest. If the application has the debuggable flag enabled, it’s possible to attach a debugger to the application’s process and execute arbitrary code. The default value is "true" if the debuggable flag is not set. Debugging should be disabled before compiling an app for production. Analysis Category: Code |
| Javascript Interface Check |
Checks for the usage of addJavascriptInterface(). This can be used to intercept network traffic that’s being sent and interact with the javascript interface. Analysis Type: Static |
| Keysize Check |
This test checks to see if the key used to sign the application is larger than 1024 bits. Anything smaller leaves your app vulnerable to forged digital signatures. Analysis Category: Code |
| Leaked Data in Files Android ID |
Local application files and external storage locations are inspected for Android ID exposure. Analysis Type: Dynamic |
| Leaked Data in Files Bluetooth MAC |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the Bluetooth MAC Address were searched. Analysis Type: Dynamic |
| Leaked Data in Files Build Fingerprint |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the Build Fingerprint were searched. Analysis Type: Dynamic |
| Leaked Data in Files (Custom Values) |
Using specified custom search terms, local application files and external storage locations are inspected for sensitive user or application data. Analysis Type: Dynamic |
| Leaked Data in Files DNS1 |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the DNS were searched. Analysis Type: Dynamic |
| Leaked Data in Files DNS2 |
Local application files and external storage locations are inspected for Domain Name System (DNS) exposure. Analysis Type: Dynamic |
| Leaked Data in Files Email |
Local application files and external storage locations are inspected for user email address exposure. Analysis Type: Dynamic |
| Leaked Data in Files First Name |
Local application files and external storage locations are inspected for user first name exposure. Analysis Type: Dynamic |
| Leaked Data in Files GPS Latitude |
Local application files and external storage locations are inspected for exposed GPS latitude coordinates. Analysis Type: Dynamic |
| Leaked Data in Files GPS Longitude |
Local application files and external storage locations are inspected for exposed GPS longitude coordinates. Analysis Type: Dynamic |
| Leaked Data in Files IMEI |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the International Mobile Equipment Identity (IMEI) were searched. Analysis Type: Dynamic |
| Leaked Data in Files Last Name |
Local application files and external storage locations are inspected for user last name exposure. Analysis Type: Dynamic |
| Leaked Data in Files Local WiFi MAC |
Local application files and external storage locations are inspected for local wi-fi MAC address exposure. Analysis Type: Dynamic |
| Leaked Data in Files MAC |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the MAC Address were searched. Analysis Type: Dynamic |
| Leaked Data in Files Name |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the Full Name were searched. Analysis Type: Dynamic |
| Leaked Data in Files Password |
Local application files and external storage locations are inspected for exposed passwords. Analysis Type: Dynamic |
| Leaked Data in Files Phone Number |
Local application files and external storage locations are inspected for exposed phone numbers. Analysis Type: Dynamic |
| Leaked Data in Files Serial |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the serial were searched. Analysis Type: Dynamic |
| Leaked Data in Files Surrounding WiFi MAC |
Local application files and external storage locations are inspected for surrounding wi-fi MAC address exposure. Analysis Type: Dynamic |
| Leaked Data in Files Surrounding Wifi Network BSSID |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the surrounding wi-fi network BSSID were searched. Analysis Type: Dynamic |
| Leaked Data in Files Surrounding Wifi Network SSID |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the surrounding wi-fi network SSID were searched. Analysis Type: Dynamic |
| Leaked Data in Files Username |
Local application files and external storage locations are inspected for exposed usernames. Analysis Type: Dynamic |
| Leaked Data in Files WiFi IP |
Local application files and external storage locations are inspected for exposed wi-fi IP addresses. Analysis Type: Dynamic |
| Leaked Data in Files WiFi MAC |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the WiFi MAC Address were searched. Analysis Type: Dynamic |
| Leaked Data in Files ZIP Code |
Local application files and external storage locations are inspected for sensitive user/application data. For this check, instances of the ZIP code were searched. Analysis Type: Dynamic |
| Leaked LogCat Data Android ID |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Bluetooth MAC |
Debug logs are generally designed to be used to detect and correct flaws in an application. These logs can leak sensitive information that may help an attacker create a more powerful attack. Additionally, any application on that device with the READ_LOGS permission can interrogate the logs, and in more recent versions of Android, the log files have been more carefully isolated and do not require system level permissions to be requested. In this test, the system log files are analyzed for the existence of sensitive user or application data. Analysis Type: Dynamic |
| Leaked LogCat Data Build Fingerprint |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data (Custom Values) |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: DynamicSeverity (CVSS): Medium (5.5) |
| Leaked LogCat Data DNS1 |
Debug logs are generally designed to be used to detect and correct flaws in an application. These logs can leak sensitive information that may help an attacker create a more powerful attack. Additionally, any application on that device with the READ_LOGS permission can interrogate the logs, and in more recent versions of Android, the log files have been more carefully isolated and do not require system level permissions to be requested. In this test, the system log files are analyzed for the existence of sensitive user or application data. Analysis Type: Dynamic |
| Leaked LogCat Data DNS2 |
System log files are analyzed for DNS2 exposure. Debug logs, which are designed to detect and correct flaws in an application, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Email |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data First Name |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data GPS Latitude |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data GPS Longitude |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data IMEI |
Debug logs are generally designed to be used to detect and correct flaws in an application. These logs can leak sensitive information that may help an attacker create a more powerful attack. Additionally, any application on that device with the READ_LOGS permission can interrogate the logs, and in more recent versions of Android, the log files have been more carefully isolated and do not require system level permissions to be requested. In this test, the system log files are analyzed for the existence of sensitive user or application data. Analysis Type: Dynamic |
| Leaked LogCat Data Last Name |
System log files are analyzed for exposure of the user’s last name. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Local WiFi MAC |
System log files are analyzed for exposure of the local wi-fi MAC address. Debug logs, which are designed to detect and correct flaws in an application, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data MAC |
Debug logs are generally designed to be used to detect and correct flaws in an application. These logs can leak sensitive information that may help an attacker create a more powerful attack. Additionally, any application on that device with the READ_LOGS permission can interrogate the logs, and in more recent versions of Android, the log files have been more carefully isolated and do not require system level permissions to be requested. In this test, the system log files are analyzed for the existence of sensitive user or application data. Analysis Type: Dynamic |
| Leaked LogCat Data Name |
System log files are analyzed for exposure of the user’s name. Debug logs, which are designed to detect and correct flaws in an application, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Password |
System log files are analyzed for the existence of sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might allow an attacker to carry out a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Phone Number |
System log files are analyzed for exposure of the user’s phone number. Debug logs, which are designed to detect and correct flaws in an application, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Serial |
Debug logs are generally designed to be used to detect and correct flaws in an application. These logs can leak sensitive information that may help an attacker create a more powerful attack. Additionally, any application on that device with the READ_LOGS permission can interrogate the logs, and in more recent versions of Android, the log files have been more carefully isolated and do not require system level permissions to be requested. In this test, the system log files are analyzed for the existence of sensitive user or application data. Analysis Type: Dynamic |
| Leaked LogCat Data Surrounding WiFi MAC |
System log files are analyzed for surrounding wi-fi MAC address exposure. Debug logs, which are designed to detect and correct flaws in an application, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Surrounding Wifi Network BSSID |
System log files are analyzed for exposure of the surrounding wi-fi network basic service set identifier (BSSID). Debug logs, which are designed to detect and correct flaws in an application, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Surrounding Wifi Network SSID |
System log files are analyzed for the existence of any sensitive user or application data. Debug logs, which are designed to detect and correct flaws in an application, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data Username |
System log files are analyzed for the existence of any sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data WiFi IP |
System log files are analyzed for the existence of any sensitive user or application data.Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data WiFi MAC |
System log files are analyzed for the existence of any sensitive user or application data. Debug logs, which are designed to detect and correct application flaws, can leak sensitive information that might help an attacker craft a more powerful attack. Any application on that device with the READ_LOGS permission can interrogate the logs. The log files of more recent Android versions are carefully isolated and do not require system-level permissions to be requested. Analysis Type: Dynamic |
| Leaked LogCat Data ZIP Code |
Debug logs are generally designed to be used to detect and correct flaws in an application. These logs can leak sensitive information that may help an attacker create a more powerful attack. Additionally, any application on that device with the "READ_LOGS" permission can interrogate the logs, and in more recent versions of Android, the log files have been more carefully isolated and do not require system level permissions to be requested. In this test, the system log files are analyzed for the existence of sensitive user or application data. Analysis Type: Dynamic |
| Obfuscation Check |
Checks if the source code has been obfuscated either by Proguard or Dexguard in order to make class identification less obvious. Analysis Category: Code |
| OSLogs |
Debug logs are generally designed to be used to detect and correct flaws in an application. OSLog is a unified logging system that stores messages in memory and in a data store, rather than writing to text–based log files. These logs can leak sensitive information that may help an attacker launch a more powerful attack. Forensic data provides any OSLog messages detected while performing dynamic analysis. Analysis Type: Dynamic |
| Remote Code Execution |
Checks for writable executable file permissions and for in-transit ZIP files sent over the network. The combination of these two instances more than likely indicates a remote code execution vulnerability. Analysis Type: Dynamic |
| Runs Root Command Check |
This check determines if the application attempts to use escalated privileges through the su command. This is commonly used by malware to exploit rooted devices. Analysis Type: Dynamic |
| SD Card File List |
External storage locations are monitored as the application runs to determine if data is being stored in the application. Analysis Type: Dynamic |
| Secure Random Check |
Applications that use the Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the pseudo–random number generator (PRNG). Applications that directly invoke the system-provided OpenSSL PRNG without explicit initialization on Android are also affected. Please note that for electronic wallet applications or applications that process sensitive and/or monetary transactions (including bitcoin transactions), the risk associated with this finding should carefully be considered and should potentially be classified using a high severity finding. Analysis Category: Code |
| Sensitive Data Cert Validation |
Determines whether the application is performing proper certificate validation or hostname verification. Lack of proper validation could result in sensitive data being intercepted by a man-in-the-middle attack. If the application's traffic can be decrypted, it is searched for sensitive data, including username, password, GPS coordinates, wi-fi MAC address, International Mobile Equipment Identity (IMEI), device serial number, and phone number. Analysis Type: Dynamic |
| Sensitive Data Flow |
All TLS/SSL communications sent by the application are proxied and traffic is searched for sensitive values, including the user’s username, password, GPS coordinates, wi-fi MAC address, International Mobile Equipment Identity (IMEI), serial number, and phone number. Analysis Type: Dynamic |
| Sensitive Data HTTP (Custom Values) |
Using custom search terms, traffic is analyzed to determine if any sensitive data is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Android ID |
Traffic is analyzed to determine if the Android ID is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Bluetooth MAC |
Traffic is analyzed to determine if any sensitive data is transmitted insecurely over the network without encryption. For this check, instances of the Bluetooth MAC Address were searched across any intercepted traffic. Analysis Type: Dynamic |
| Sensitive Data HTTP Build Fingerprint |
Traffic is analyzed to determine if the user’s build fingerprint is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP DNS1 |
Traffic is analyzed to determine if any sensitive data is transmitted insecurely over the network without encryption. For this check, instances of the DNS were searched across any intercepted traffic. Analysis Type: Dynamic |
| Sensitive Data HTTP DNS2 |
Traffic is analyzed to determine if any DNS data is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Email |
Traffic is analyzed to determine if the user’s email address is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP First Name |
Traffic is analyzed to determine if the user’s first name is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP GPS Latitude |
Traffic is analyzed to determine if the user’s GPS latitude location is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP GPS Longitude |
Traffic is analyzed to determine if any sensitive data is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP IMEI |
Traffic is analyzed to determine if the user’s International Mobile Equipment Identity (IMEI) is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Last Name |
Traffic is analyzed to determine if the user’s last name is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Local WiFi MAC |
Traffic is analyzed to determine if the local wi-fi MAC address is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP MAC |
Traffic is analyzed to determine if any sensitive data is transmitted insecurely over the network without encryption. For this check, instances of the MAC Address were searched across any intercepted traffic. Analysis Type: Dynamic |
| Sensitive Data HTTP Name |
Traffic is analyzed to determine if the user’s full name is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Password |
Traffic is analyzed to determine if the user’s password is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Phone Number |
Traffic is analyzed to determine if the user’s phone number is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Serial |
Traffic is analyzed to determine if the device’s serial is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Surrounding WiFi MAC |
Traffic is analyzed to determine if the surrounding wi-fi MAC address is insecurely transmitted over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Surrounding Wifi Network BSSID |
Traffic is analyzed to determine if the surrounding wi-fi network basic service set identifiers (BSSID) is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Surrounding Wifi Network SSID |
Traffic is analyzed to determine if the surrounding wi-fi network service set Identifier (SSID) is insecurely transmitted over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP Username |
Traffic is analyzed to determine if the user’s username is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP WiFi IP |
Traffic is analyzed to determine if the wi-fi IP address is exposed from insecure transmission over the network without encryption. Analysis Type: Dynamic |
| Sensitive Data HTTP WiFi MAC |
Traffic is analyzed to determine if any sensitive data is transmitted insecurely over the network without encryption. For this check, instances of the WiFi MAC Address were searched across any intercepted traffic. Analysis Type: Dynamic |
| Sensitive Data HTTP ZIP Code |
Traffic is analyzed to determine if any sensitive data is transmitted insecurely over the network without encryption. For this check, instances of the zip code were searched across any intercepted traffic. Analysis Type: Dynamic |
| SMS Communications |
SMS communications are monitored during dynamic analysis. Forensic data provides context on what was found to be sent over SMS. Analysis Type: Dynamic |
| Snoop Network Hosts |
Network communications are monitored while the application is running to locate the destination of the application’s sent data. Analysis Type: Dynamic |
| World Readable Files Check |
Calls within the application are checked for the use of world-readable permissions. Forensic details show any detections. Analysis Category: Permissions |
| World Writable Files Check |
Calls within the application are checked for the use of world-writable permissions. Forensic details show any detections. Analysis Category: Permissions |
| Writable Executable Files Check |
Checks for writable executable file permissions in shared storage locations. If the application has a “writable_executable” and is combined with another bug, such as a network ZIP download, the app could be vulnerable to remote code execution attacks. Analysis Category: Permissions |
| Writable Executable Files Private Check |
Checks for writable executable file permissions in the application’s data directory. If the application has a “writable_executable” and is combined with another bug, such as a network ZIP download, the app could be vulnerable to remote code execution attacks. Analysis Category: Permissions |
| Zip File in Transit Check |
Detects whether ZIP files are being sent by the application over HTTP. ZIP files can lead to a remote arbitrary file write, which could allow an attacker remote code execution. Analysis Category: Network |
| Zip File in Transit Check Https |
Detects when ZIP files are being sent by the application over HTTPS. ZIP files can contain arbitrary code written in the file, which could allow an attacker to carry out a remote code execution attack. Analysis Category: Network |
- October 31, 2023: Tests version 2023.
- May 27, 2021: Published.
Feedback
3 comments
Can this be made exportable to PDF?
This content is available for PDF download as part of the finding_messages_grading_20210528.pdf document, available in the How are BitSight Security Ratings calculated? article. Would this type of content be more useful to you on its own?
Thank you Ingrid. I can extract it from the PDF.
Please sign in to leave a comment.