[Owasp-leaders] Code review for backdoors

Allison Shubert allisonshubert at yahoo.com
Sat Mar 14 15:53:26 UTC 2015


Ali, Veracode (Chris Wysopal and Chris Eng) has written an excellent paper on this topic.  
http://www.veracode.com/sites/default/files/Resources/Whitepapers/static-detection-of-backdoors-1.0.pdf
It is a great read that easily categorizes the types of backdoors and potential techniques to spot them.
Thank you,Allison
 


     On Wednesday, March 11, 2015 2:35 PM, Ali Khalfan <ali.khalfan at owasp.org> wrote:
   

 The owasp code review guidelines do a great job at looking for vulnerabilities. However, the will not address intentional vulnerabilities such as backdoors and logic bombs. 

I wanted to establish such a guideline, but I was wondering if there is any reference I could fall back on ?

Ali
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders


  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150314/f01f72d0/attachment.html>


More information about the OWASP-Leaders mailing list