The AppSweep findings page explains the specific security issues AppSweep found in your app, and provides recommendations for their remediation.
The AppSweep finding page consists of five main sections:
Issue description provides a detailed explanation of the encountered issue and its potential impact
Recommendations section provides recommendations and guidance to resolve the issue
Findings section displays code snippet(s) highlighting the issue in your code
OWASP MASVS section provides references to OWASP security standards like OWASP MASVS, indicating which standards the issue violates
Additional resources section offers further reading to dive deeper into the issue
Examples of vulnerabilities AppSweep detects
Below we present a few sample findings AppSweep can report, to give you a sense of what to expect.
Leakage of sensitive information
Identifies elements in the app that should be obfuscated to prevent the leakage of sensitive information.
Example issues:
Hardcoded data, e.g. email addresses, API keys, and OAuth IDs
Unencrypted private keys
Metadata or native files that expose internal details
Insecure communication
Ensures that the app communicates securely by identifying risks such as unencrypted HTTP connections or misconfigured TLS settings.
Example issues:
Outdated TLS versions
Disabled certificate checks
Insecure protocols
Deprecated network libraries
Insecure certificate pinning
Code examples
Usage of outdated TLS versions in Android:
SSLSocket sock = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
// Insecure protocols
sock.setEnabledProtocols(new String[]{"TLSv1", "TLSv1.1"});
Usage of outdated TLS versions in iOS:
// App.app/Info.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<false/>
<key>NSExceptionDomains</key>
<dict>
<key>example.com</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string> <!-- This line introduces the problem -->
</dict>
</dict>
</dict>
</dict>
Information leakage used for reverse engineering
Evaluates the app's defenses against reverse engineering by identifying potential information leaks. These issues in your code make it easier for an attacker to reverse engineer or tamper with the app.
Example issues:
Hardcoded URLs
Outdated app signatures
Logging
Lack of memory protections
Protection against other malicious apps installed on the same phone
Evaluates whether the app has safeguards against attacks from other apps installed on the same device.
Example issues:
Tapjacking vulnerabilities
Capability leaks
Missing integrity checks
Check for usage of SafetyNet API
Insufficient Cryptography
Assesses the strength and proper configuration of cryptographic methods used by the app.
Example issues:
Weak ciphers
Insecure padding
Hardcoded passwords
Poor random number generation
Insecure key management
Improper initialization vector (IV) usage
External Input Impacting App Behavior
Examines if external inputs or user inputs can alter the app’s behavior, leading to potential security risks.
Example issues:
SQL injection
Code execution from external input
Intent redirection
Example source code:
SQL injection in Android
String userId = getUntrustedInput(); // hypothetical helper: data supplied by the end user
String sqlQuery = "select * from tbluser where userId = " + userId; // untrusted input concatenated into the statement
SQL injection in iOS
NSString *uid = [myHTTPConnection getUID];
NSString *statement = [NSString stringWithFormat:@"SELECT username FROM users where uid = '%@'", uid];
const char *sql = [statement UTF8String];
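As an added example (not part of the AppSweep documentation or its sample findings), here is the Android query above next to its remediated form using a bound parameter. The table name `tbluser`, the column `userId`, and the `SQLiteDatabase` handle are assumed for illustration.

```java
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;

public final class UserLookup {

    // Vulnerable: the untrusted value becomes part of the SQL text, so an
    // attacker-controlled userId can change the structure of the statement.
    static Cursor findUserInsecure(SQLiteDatabase db, String userId) {
        String sql = "SELECT * FROM tbluser WHERE userId = '" + userId + "'";
        return db.rawQuery(sql, null);
    }

    // Remediated: the statement is fixed at compile time and the value is
    // passed as a bound parameter (selectionArgs), so it is only ever data.
    static Cursor findUserSafe(SQLiteDatabase db, String userId) {
        String sql = "SELECT * FROM tbluser WHERE userId = ?";
        return db.rawQuery(sql, new String[]{userId});
    }

    // Equivalent remediation with the structured query() API, which also
    // keeps user input out of the SQL text.
    static Cursor findUserSafeStructured(SQLiteDatabase db, String userId) {
        return db.query(
                "tbluser",                 // table (assumed)
                null,                      // all columns
                "userId = ?",              // selection with placeholder
                new String[]{userId},      // bound argument
                null, null, null);         // groupBy, having, orderBy
    }
}
```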