This is how the Statement of Work describes it (as of 2024-09-03):
Attack Surface Evaluation
- Determine points of input into the application
- Identify interesting inputs that may be abusable by an attacker
Reverse Engineering
- Determine the base language for application development
- Attempt to decompile the application (language dependent)
- Identify sensitive information included in the compiled binary or associated libraries
- Identify any host operating system dependencies that may be abusable for exploitation of the application
Input Handling
- Submit malicious inputs to the application in order to:
  - Attempt to access privileged data within the application
  - Attempt to escalate privilege in the host operating system or application
  - Attempt to gain control of the host operating system
Fuzzing
- Generate input into the application to attempt to elicit a crash condition
- Monitor and debug the crash condition to determine exploitability of the condition
Output Handling
- Monitor output generated by the application to determine whether the following security considerations are addressed:
  - At-rest encryption
  - In-transit encryption
- Output could consist of one or more of the following:
  - Application process memory
  - File output
  - Network communication
Exploitation
- Attempt to weaponize conditions discovered during any of the previous phases