If you have the source code, you can do a code review. There are many tools (like flawfinder etc.) which will support you in finding "static" vulnerabilities like
buffer overflows due to incorrect usage of commands like "strcpy" and family.
If you don't have the source code, you can do reverse engineering with debuggers, disassemblers and other tools, to search for common
coding mistakes.
You can also do black-box testing, whereby you can use fuzzy technology to generate random parameters and requests to send to the application.
The last one is the one I often use, because in most cases you don't have the source code, and reverse engineering is not that easy :)
bye,
Oliver
Mr. John wrote:
Hi,
A question comes to my mind every time I see a vulnerability disclosure. I want to know how a person finds a security vulnerability in software. Is there a regular way? Suppose that I am the technical chair of a software group and we have software for which security considerations are important to us. How can I test our software to ensure that no security vulnerabilities (like buffer overflow vulns) exist in our software product? Or, it is a question for me how, for example, eEye finds many vulnerabilities in software products. Is there a regular and formal way? Are there some tools, techniques, methods, ... for this purpose, for finding a vulnerability in software?
Thanks,
John
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
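Added example (not part of the original mails, and not flawfinder's own code or rule set): a minimal lexical scanner in the style of the source-review tools mentioned in the reply, flagging "strcpy and family" calls in C source while ignoring comments and string literals. The rule list and the sample C file are constructed for illustration.

```python
import re

# Assumed rule set for this example: unbounded copy/format calls in the
# "strcpy and family" group. Not taken from any real tool's database.
RISKY_CALLS = {
    "strcpy": "no bounds check on destination",
    "strcat": "no bounds check on destination",
    "sprintf": "output length not limited",
    "vsprintf": "output length not limited",
    "gets": "reads unbounded input",
}
# Comments and string/char literals are blanked out before matching.
_SKIP = re.compile(r'//[^\n]*|/\*.*?\*/|"(?:\\.|[^"\\\n])*"|\'(?:\\.|[^\'\\\n])*\'', re.DOTALL)
_CALL = re.compile(r"\b(" + "|".join(RISKY_CALLS) + r")\s*\(")


def _blank(match):
    # Keep newlines so reported line numbers still match the source file.
    return re.sub(r"[^\n]", " ", match.group(0))


def scan(source):
    """Return (line, function, reason) for each risky call in C source."""
    code = _SKIP.sub(_blank, source)
    hits = []
    for m in _CALL.finditer(code):
        line = code.count("\n", 0, m.start()) + 1
        hits.append((line, m.group(1), RISKY_CALLS[m.group(1)]))
    return hits


# Constructed sample input, not from any real project.
SAMPLE = r'''#include <string.h>
/* strcpy(a, b) in a comment must not be reported */
void greet(char *out, const char *name) {
    char buf[16];
    strcpy(buf, name);            /* flagged */
    puts("use strcat(x, y) here"); // string literal: ignored
    strncpy(out, buf, 15);        /* bounded variant: not in rule set */
    sprintf (out, "%s!", buf);    /* flagged, space before ( */
}
'''

if __name__ == "__main__":
    for line, func, reason in scan(SAMPLE):
        print(f"line {line}: {func}: {reason}")
```

A hit only marks a call site for manual review; whether the destination can actually be overrun depends on the surrounding code.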
