'INSANE' Android Application Pentest Mindmap
Server/Application Side Checks
Check whether the application server is vulnerable to SQL injection
CAPTCHA implementation flaws
Attempt to bypass the CAPTCHA (e.g. replaying an already-solved value or omitting it entirely)
Dangerous HTTP methods allowed (PUT, DELETE)
Check for verbose error messages
Client-side injection flaws (XSS)
Username enumeration
Unrestricted file upload
Outdated application server version in use
Check the cookies that identify the user after authentication (Secure and HttpOnly flags, predictability of the value)
Does the application have a logout feature, and does it invalidate the session on the server?
Transport layer security
Is an outdated SSL/TLS version in use?
Check for Heartbleed, BEAST, CRIME, etc.
Check for weak SSL/TLS cipher suites
Business Logic Vulnerabilities
Compromise of another user's account from a normal user account (horizontal privilege escalation)
Compromise of the admin account from a normal user account (vertical privilege escalation)
Brute-force the authentication (no lockout or rate limiting)
Server-side validation missing (input is validated only on the client)
Check whether SSL pinning is implemented and whether it can be bypassed
The application should refuse to run on a simulator or emulator
Code Level Vulnerabilities
Source code obfuscation not applied
Sensitive information revealed by application error messages
Full source code retrieval by reverse engineering the APK
Insecure permissions set by the application
Check the permissions requested in the AndroidManifest.xml file
Weak hashing or encoding algorithm found (encoding such as Base64 is not encryption)
Use Agnitio to find security issues in the source code
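The manifest checks above (requested permissions, and the debuggable and backup flags that the Memory / Storage Analysis items below look for) can be scripted against a manifest decoded with apktool. The following is an added example and is not part of the original mindmap: SAMPLE_MANIFEST and the package com.example.bank are constructed for illustration, while the android: attributes and permission names are the platform's real ones.

```python
"""Static review of a decoded AndroidManifest.xml.

Added example, not part of the original mindmap. SAMPLE_MANIFEST is a
constructed manifest; the attribute and permission names are the real
ones used by the Android platform.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Subset of the permissions Android classifies as 'dangerous' (runtime prompts).
DANGEROUS_PERMISSIONS = {
    "android.permission.READ_SMS",
    "android.permission.SEND_SMS",
    "android.permission.READ_CONTACTS",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.RECORD_AUDIO",
    "android.permission.CAMERA",
    "android.permission.READ_PHONE_STATE",
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
}

# Constructed manifest for a hypothetical app; com.example.bank is not a real package.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.bank">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <application android:label="Bank" android:debuggable="true">
    <activity android:name=".LoginActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".TransferActivity" android:exported="true"/>
    <provider android:name=".AccountProvider"
              android:authorities="com.example.bank.accounts"
              android:exported="true"
              android:permission="com.example.bank.READ_ACCOUNTS"/>
    <service android:name=".SyncService" android:exported="false"/>
  </application>
</manifest>
"""


def _attr(elem, name, default=None):
    """Read an android:-namespaced attribute."""
    return elem.get("{%s}%s" % (ANDROID_NS, name), default)


def _is_launcher(comp):
    """True for the MAIN/LAUNCHER activity, which is legitimately exported."""
    return any(_attr(a, "name") == "android.intent.action.MAIN" for a in comp.iter("action"))


def analyse_manifest(xml_text):
    """Return the findings a reviewer would pull out of the manifest."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    findings = {
        "package": root.get("package"),
        "debuggable": _attr(app, "debuggable") == "true",
        # allowBackup defaults to true, so an absent attribute is a finding too
        "allow_backup": _attr(app, "allowBackup", "true") == "true",
        "dangerous_permissions": [],
        "exported_unprotected": [],
    }
    for up in root.findall("uses-permission"):
        name = _attr(up, "name")
        if name in DANGEROUS_PERMISSIONS:
            findings["dangerous_permissions"].append(name)
    for tag in ("activity", "service", "receiver", "provider"):
        for comp in app.findall(tag):
            exported = _attr(comp, "exported")
            # Before targetSdk 31 a component with an intent-filter and no
            # explicit android:exported is exported by default.
            implicit = exported is None and comp.find("intent-filter") is not None
            if (exported == "true" or implicit) and not _is_launcher(comp) \
                    and _attr(comp, "permission") is None:
                findings["exported_unprotected"].append("%s:%s" % (tag, _attr(comp, "name")))
    return findings


if __name__ == "__main__":
    for key, value in analyse_manifest(SAMPLE_MANIFEST).items():
        print("%-22s %s" % (key, value))
```

To use it on a real target, replace SAMPLE_MANIFEST with the contents of the AndroidManifest.xml that apktool writes when decoding the APK. The implicit-export rule matters for apps targeting API levels below 31; from targetSdk 31 onwards the build rejects components with intent filters that do not set android:exported explicitly.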
Memory / Storage Analysis
Sensitive information revealed in the mobile device's storage
Sensitive information found in logs
Sensitive information found in the cache
Sensitive information found in the application folder and the backup folder
Check whether debugging is enabled (android:debuggable in AndroidManifest.xml)
Use the logcat command (adb logcat) to review what the application writes to the system log
Check whether user credentials are held in memory in clear text
SQLite database stores data insecurely (unencrypted)
Check whether sensitive data remains on the device after logout
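The storage checks above can be automated once the app's private data has been pulled from the device (adb pull of /data/data/<package>/ on a rooted device, or adb shell run-as <package> for a debuggable build). The following is an added example and is not part of the original mindmap: it scans a shared_prefs XML file and a SQLite database for credential-like key and column names, JWTs, Luhn-valid card numbers and Base64 values that decode to plain text (stored data that is merely encoded, not encrypted). The preferences file, the database rows and every value in them are constructed.

```python
"""Scan pulled application data for sensitive values stored in clear text.

Added example, not part of the original mindmap. The shared_prefs XML and
the SQLite rows are constructed to resemble what an app might write under
/data/data/<package>/; the values are fictitious.
"""
import base64
import re
import sqlite3
import xml.etree.ElementTree as ET

SENSITIVE_WORDS = {"password", "passwd", "pwd", "secret", "token",
                   "pin", "session", "cvv", "card", "cardnumber"}
JWT_RE = re.compile(r"^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$")

# Constructed shared_prefs file (the format Android's SharedPreferences writes).
SAMPLE_PREFS = """<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="username">alice</string>
    <string name="password">hunter2</string>
    <boolean name="logged_in" value="true" />
    <string name="authToken">eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhbGljZSJ9.sig</string>
</map>
"""


def luhn_ok(digits):
    """Luhn checksum, used to recognise payment-card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def sensitive_name(name):
    """True if a key/column name contains a credential-like word (camelCase or snake_case)."""
    parts = re.split(r"[^a-z0-9]+", re.sub(r"([a-z])([A-Z])", r"\1_\2", name).lower())
    return any(p in SENSITIVE_WORDS for p in parts)


def classify_value(value):
    """Reasons a stored value looks sensitive, independent of its key name."""
    reasons = []
    if JWT_RE.match(value):
        reasons.append("jwt")
    digits = re.sub(r"[ -]", "", value)
    if digits.isdigit() and 13 <= len(digits) <= 19 and luhn_ok(digits):
        reasons.append("card-number")
    # Base64 that decodes to printable text is encoding, not encryption.
    if len(value) >= 8:
        try:
            raw = base64.b64decode(value, validate=True)
            if raw and all(32 <= b < 127 for b in raw):
                reasons.append("base64-plaintext")
        except ValueError:  # binascii.Error is a subclass of ValueError
            pass
    return reasons


def scan_shared_prefs(xml_text):
    """Return (key, reasons) for every suspicious entry in a shared_prefs file."""
    hits = []
    for el in ET.fromstring(xml_text):
        key = el.get("name", "")
        value = el.text if el.text is not None else el.get("value", "")
        reasons = classify_value(value)
        if sensitive_name(key):
            reasons.insert(0, "sensitive-key")
        if reasons:
            hits.append((key, reasons))
    return hits


def scan_sqlite(conn):
    """Return (table.column, reasons) for every suspicious text cell in the database."""
    hits = []
    tables = [r[0] for r in conn.execute("SELECT name FROM sqlite_master WHERE type='table'")]
    for table in tables:
        cols = [r[1] for r in conn.execute('PRAGMA table_info("%s")' % table)]
        for row in conn.execute('SELECT * FROM "%s"' % table):
            for col, value in zip(cols, row):
                if not isinstance(value, str):
                    continue
                reasons = classify_value(value)
                if sensitive_name(col):
                    reasons.insert(0, "sensitive-column")
                if reasons:
                    hits.append(("%s.%s" % (table, col), reasons))
    return hits


def build_sample_db():
    """Constructed stand-in for a pulled databases/app.db."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT, card TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'alice', 'hunter2', '4111 1111 1111 1111')")
    conn.execute("CREATE TABLE settings (key TEXT, value TEXT)")
    conn.execute("INSERT INTO settings VALUES ('api_key', 'c2VjcmV0LWtleQ==')")  # base64('secret-key')
    return conn


if __name__ == "__main__":
    for hit in scan_shared_prefs(SAMPLE_PREFS) + scan_sqlite(build_sample_db()):
        print("%-20s %s" % hit)
```

For a real assessment, point scan_shared_prefs at each file under shared_prefs/ and open each file under databases/ with sqlite3.connect; run the same scan again after logging out of the app to cover the last item in the list.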
Author: Anonymous. Distributed by: TestInsane Technologies Private Limited, Exploratory Testing & Test Automation Services Company. www.testinsane.com | info@testinsane.com