"The hardest thing of all is to find a black cat in a dark room, especially if there is no cat." – Confucius
Security code inspections is sort of searching in the dark. However, security vulnerabilities in many cases* are recurrent anti-patterns that can be identified by well defined set of string searches.
This post sheds a light into the dark room to help finding those black cats – security vulnerabilities.
These are the tools I use to perform text searches.
- Dumping strings from compiled assemblies - ILDASM : Code Inspection - First Look For What To Look For
- Visual Studio 2005 As General Code Search Tool
- FindStr - Performing Text Searches
- Security .Net Code Inspection Using Outlook 2007
- Security Code Review – Use Visual Studio Bookmarks To Capture Security Findings
Security Vulnerabilities Search Patterns
First, define what you want to search. Here is one example how to do it - Generate Your Own Security Code Review Checklist Document Using Outlook 2007. Then start searching. These are few search patterns that can help you getting on track of finding security vulnerabilities:
- Quickly Find And Fix Cross Site Scripting (XSS) Vulnerabilities In Your ASP.NET Application.
- Security Code Inspection - Eternal Search For SQL Injection
- Security Code Review – String Search Patterns For Finding Input Validation Vulnerabilities
- Security Code Review – String Search Patterns For Authentication Vulnerabilities
- Security Code Review – String Search Patterns For Authorization Vulnerabilities
- Security Question List: ASP.NET 2.0
- XSSDetect Public Beta now Available!
- XSSDETECT: Analyzing Large Applications
- Chapter 21 – Code Review
Happy searching, alikl
*Searching for strings can lead to hotspots – potential security vulnerabilities – but not finding all the security vulnerabilities. Sometimes it hits the vulnerabilities right between the eyes, sometimes it misses it. But it surely helps narrowing the security inspection scope.