Source Code Review

1、berfore we talking abnout the Source Code review,here's what we want to know about the most popular programming langurages .

•      Web application development :Java C#  NET and PHP
•       Drivers and handware C C#   and assembly language
•      Reverse engineering : Assembly langurage
•      Database : Structured Query LangurageSQL
•      Scripting lanurage: Python Perl and Ruby

2、Secure coding cheklist

•     Authentication and credentials must use TLS and not HTTP cleartext
•    Authentication must be enforced on all page ,except the ones intended to the public
•    the erroe messages pages should not lead to information-gathering disclosure
•    Authenticication logic must be validated on the server
•    Authentication passwords must be saved uner secure hashing algorithms and salting is perferable
•    The password's hashing logic must be on the server side
•   Session must be managed on the server side
•    Session idetifier must be random
•   Any cryptographic functionality to protect data shold be implemented on the server side
•   All data validation must be performed on the server side
•   Encode data before validation
•   All validation failures should be rejected in a custom error message
•   Conduct all the encoding logic on the server side
•   Sanitize all the output of understed data foe SQl ,XML LDAP and operating system commands
•   Do not disclose sensitive information in the error messages, including debuffing information such as stack track
•   Use custom reeor messages and error pages
•  Temporary sensitive data must be stored in a secure location ,and those itmes must be purged as soon as possible
•  Remove comments in the source code that may reveal critical information about the application
•  Sensitive information should should not be used in the query sting
•  Data int the  transit must be encrypted with the lasest and greatest TLS algorithms
• Make sure that you remove test codes before deployment

3、Rest API ststus return code (this chapter I've already written about  on my previous blog )

•     200   the action is ok
•     202  the request to create
•     204 the post request did not include a client-generated id
•     400 the request is malformed
•     401 Wrong authentication ID or credentials
•     403 an authenticated user does not have permission to access the resource
•     404 requesting a nonexistant resource
•      405  Unexpected Http method in the request
•     this error may occur when a dos attack is deleted

4、Passive information gathering reconnaissance ----OSINT

       OSINT it mean's  Open Source Intelligence ,let's see the Web search engines

        besides baidu and google 、yahu . i often use the http://yandex.com  and  http://duckduckgo.com  as follow