Vulnerabilities Analysis in Executable

Vulnerabilities Analysis in Executable

Static and dynamic analysis are two common techniques used to identify vulnerabilities in executable files. Each approach offers unique benefits and can be used in combination to provide a comprehensive assessment of the security of an executable.


Static Analysis: Static analysis involves examining the source code or binary of an executable without executing it. Here are some techniques used in static analysis:

a. Code Review: Manual examination of the source code or disassembled binary to identify potential vulnerabilities, such as buffer overflows, injection flaws, or insecure coding practices.

b. Automated Scanning: Tools like static analysis security testing (SAST) tools or binary analyzers can automatically analyse the executable for common security issues. These tools use pattern matching, data flow analysis, and other techniques to detect vulnerabilities.

c. Compiler Warnings: Compiler flags and options can be used to generate warnings or errors for potentially unsafe code constructs. Reviewing these warnings can help identify potential vulnerabilities.

d. Dependency Analysis: Analysing the dependencies of an executable, such as libraries or third-party components, to identify known vulnerabilities or outdated versions.


Dynamic Analysis: Dynamic analysis involves running the executable in a controlled environment and observing its behaviour to detect vulnerabilities. Here are some techniques used in dynamic analysis:

a. Fuzzing: Input is provided to the executable, often in a randomised or mutated form, to uncover unexpected behaviours or crashes that may indicate vulnerabilities.

b. Penetration Testing: The executable is tested under various scenarios to simulate real-world attacks and identify vulnerabilities like input validation issues, authentication weaknesses, or privilege escalation.

c. Debugging and Profiling: Tools like debuggers and profilers can be used to trace the execution of the executable, identify memory corruption issues, or detect insecure coding practices.

d. Network Analysis: Monitoring the network traffic generated by the executable can help identify potential vulnerabilities like insecure communications, improper handling of sensitive data, or protocol weaknesses.

Combining both static and dynamic analysis techniques can provide a more thorough assessment of an executable's security posture. Static analysis can uncover design flaws and potential vulnerabilities before execution, while dynamic analysis validates these findings and detects runtime issues.

Comments

Post a Comment

Popular posts from this blog

Setting up a USB thermal printer with a Raspberry Pi 3B+

It involves a few key steps. Here’s a complete guide to get it working: 1. Gather Required Materials Raspberry Pi 3B+ (with Raspbian OS installed) USB thermal printer USB cable to connect the printer Printer paper Power supply for the Raspberry Pi and printer 2. Connect the Printer Connect the thermal printer to the Raspberry Pi via the USB port. Ensure the printer is powered on and loaded with paper. 3. Install Required Packages Open the terminal on your Raspberry Pi and install the necessary software: Download the driver software for the printer.  Use install.sh file to install it. $ chmod +x install.sh       // make the install.sh file executable $ sudo ./install.sh        // run the install.sh  $ sudo apt install cups libcups2-dev printer-driver-escpr CUPS (Common Unix Printing System) is a printing system that allows the Raspberry Pi to communicate with printers. printer-driver-escpr includes drivers for many thermal printers. 4. Add U...
Read more

Autostart an app on reboot - Raspberry Pi

Option 1: pi@raspberrypi:~ $ sudo nano /etc/rc.local #add path before exit 0 line: su - pi -c "sleep 10 && export DISPLAY=:0 && cd "folderPath" && /usr/bin/python3 fileName.py" & CTRL+O  // to save the changes Enter CTRL+X  // to close the file editor pi@raspberrypi:~ $ sudo reboot (To check the autostart of the software app.) Option 2: go to /home/pi/.config create an autostart folder create a .desktop file into this. add path of an autoreboot.sh file to it with delay : app.Desktop file [Desktop Entry] Exec=sh -c "sleep 15; /home/pi/on_reboot.sh" Create a virtual environment myenv add app folder to myenv create a on_reboot.sh file in /home/pi/ folder.  Add following paths into this file: #!/bin/bash source /home/pi/Documents/myenv/bin/activate cd /home/pi/Documents /myenv/MyApp python3 app.py sudo reboot to check the autostart of the software app.
Read more

Basic Input/Output C Program

Basic Input/Output C Program Example 1. #include < stdio.h > // header file for standard input & output functions // main function of the program which execute first in every program - starting point int main () { printf ( " Hello World \n " ); // an integer variable declaration int x ;           // Read a value from standard input scanf ( " %d " , & x ); // Write value to the standard output printf ( " %d \n " , x ); // return 0 tells that program executed successfully return 0 ; } Example 2.   #include < stdio.h > int main () { int x = 5 ; printf ( " X data is= %d \n " , x ); int y = 7 ; printf ( " Y data is= %d \n " , y ); y = 50 ; printf ( " Y data is= %d \n " , y ); printf ( " Address of X is= %u \n " , & x ); return 0 ; } Note :- A variable with '&' in prefix represents the address of that variable. e...
Read more