None

15048.60

.920%

AES

351.68

.022%

3DES

357.50

.029%

LZMA

253.54

.032%

Gzip

11814.28

.765%

Test

Description

Malware Analysis

Dynamic analysis of ELF files:

1. Starting and Termination: Time Stamps and Elapsed Time.

2. Processes Information: clone, execve and exit etc.

3. File I/O: open, read, write and delete etc.

4. Network: TCP, UDP, HTTP and HTTPS etc.

5. Typical Malicious Actions: self deletion, modification and lock.

6. API Information: getpid, system, dup and other libc functions.

7. syscall sequences.

Default Credentials

Finds default vendor’s and telco operators' credentials, using a monthly-updated list. The users rarely change those default credentials

Hardened Credentials

Finds hardened users and password stored in the firmware’s file system, as well as decrypting passwd and shadow files

Password Policy

Detects weak password policies, that increases the probability of an attacker having success using brute force and dictionary attacks against user accounts. An attacker who can determine user passwords can take over a user's account and potentially access sensitive data in the application. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security

Password Expiration

There are different ways to detect the password expiration of a user. For example, one can easily check the user account password expiry information on Linux. The /etc/shadow files stores actual password in encrypted format for user’s account. You need to use the chage command. It can display password expiry information as well as changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password

Password Recovery

It detects a wrong Password Recovery process inside the firmware

Account Lockout

It detects wrong Account Lockout policies

Role Separation

It checks the effectiveness of Role separation for different users

Role Hardening

It checks the effectiveness of Role hardeningfor different users

Check Authentication

Unauthenticated access: One of the most common vulnerabilities in firmware, unauthenticated access allows threat actors to gain access to an IoT device, which makes it easy to exploit device data and any controls provided by it. 

Weak authentication: Threat actors can easily gain access to devices when the firmware has a weak authentication mechanism. These mechanisms can range from single-factor and password-based authentication to systems based on weak cryptographic algorithms that can be broken into with brute-force attacks.

Upgrade Feature

It checks weaknesses during the firmware upgrade process

Exploitable Vulnerabilities

Tests for the presence of 60 known vulnerabilities using exploits from an embedded version of Metasploit. In addition, it also checks for a number of previously-unknown vulnerabilities discovered by our lab

Encrypted Upgrade Protocol

It checks a weak encryption algorithm during the firmware upgrade process

Upgrade Validation

It checks weaknesses during the firmware upgrade process, with focus on validity and integrity using a digital signature

Upgrade Rollback

It checks weaknesses during the firmware upgrade rollback process

Upgrade Security Alerting

It checks the presence of an effective security notification system during the firmware upgrade process

Sensitive Data

Dynamically checks the visibility of sensitive data

Sensitive Data Security

Dynamically checks the protection of sensitive data using ‘at rest’ cyphering or 'in transit'

Anonymized Personal Data

Dynamically checks the efficiency of anonimization of personal data (personal name, phone numbers, e-mails, etc.)

Data Collecting

Dynamically checks if Data Collecting is correctly notified to the user

Unencrypted Protocols

Dynamically checks the usage of Unencrypted Protocols

Traffic Anomalies

Dynamically checks anomalies in communications with unknown public IPs or URI, tracking their geo-location and the cipher level

Local Firewall

Dynamically checks the efficiency of the local firewall feature provided by the firmware

Security Event Logging

Dynamically checks the presence of separated Event log regarding security issues only

Security Event Alerting

Dynamically checks the presence of separated Event alerting system regarding security issues only

Binary Fuzzing Analysis

Dynamically executes a binary fuzzing analysis on executables/libraries exposing vulnerable functions

Network Fuzzing Analysis

Dynamically executes a network fuzzing analysis on exposed services

Directory Traversal and Discovery

Dynamically executes directory traversal tests and content discovery to Web pages, to identify debug or test functionalities

Wrong Input Validation

Dynamically executes web interface and API tests to find vulnerabilities like: weak authentication/authorization management, SQL Injection, XSS, XXE, CSRF, directory traversal, remote code execution

Wrong Error Handling

Dynamically executes a fuzzy analysis on executables parameters to observe the effectiveness of exception handling and stack trace

Bootloader Analysis

Dynamically checks if bootloader sequence modifications are permitted, as well as arbitrary kernel loading and boot from untrusted sources

Firmware Integrity Testing

Dynamically attempts to load a custom firmware or modified binaries to check if integrity testing is provided by the firmware upgrade process

Runtime Analysis

Dynamically attempts to switch in debugging mode for altering a process at runtime

Binary Exploitation

Dymanically exploit attempts in order to execute an arbitrary binary execution