bmt 0.5.0 → 0.5.2

@@ -0,0 +1,452 @@
1
+ {
2
+ "metadata": {
3
+ "title": "iOS",
4
+ "release_date": "2022-01-10T00:00:00+00:00",
5
+ "description": "Bugcrowd iOS testing methodology",
6
+ "vrt_version": "10.0.1"
7
+ },
8
+ "content": {
9
+ "steps": [
10
+ {
11
+ "key": "architecture_design_and_threat_modelling",
12
+ "title": "Architecture, design and threat modelling",
13
+ "description": "",
14
+ "type": "checklist",
15
+ "items": [
16
+ {
17
+ "key": "all_app_components_are_identified_and_known_to_be_needed",
18
+ "title": "All app components are identified and known to be needed",
19
+ "description": "",
20
+ "caption": ""
21
+ },
22
+ {
23
+ "key": "security_controls_client_side",
24
+ "title": "Security controls are never enforced only on the client side, but on the respective remote endpoints.",
25
+ "description": "",
26
+ "caption": ""
27
+ },
28
+ {
29
+ "key": "high_level_architecture_for_mobile_app",
30
+ "title": "A high-level architecture for the mobile app and all connected remote services has been defined and security has been addressed in that architecture.",
31
+ "description": "",
32
+ "caption": ""
33
+ },
34
+ {
35
+ "key": "sensitive_identified_data",
36
+ "title": "Data considered sensitive in the context of the mobile app is clearly identified.",
37
+ "description": "",
38
+ "caption": ""
39
+ },
40
+ {
41
+ "key": "business_and_security_functions",
42
+ "title": "All app components are defined in terms of the business functions and/or security functions they provide.",
43
+ "description": "",
44
+ "caption": ""
45
+ },
46
+ {
47
+ "key": "threat_model_for_mobile_app",
48
+ "title": "A threat model for the mobile app and the associated remote services has been produced that identifies potential threats and countermeasures.",
49
+ "description": "",
50
+ "caption": ""
51
+ },
52
+ {
53
+ "key": "security_controls",
54
+ "title": "All security controls have a centralized implementation.",
55
+ "description": "",
56
+ "caption": ""
57
+ },
58
+ {
59
+ "key": "cryptographic_key_policy",
60
+ "title": "There is an explicit policy for how cryptographic keys (if any) are managed, and the lifecycle of cryptographic keys is enforced. Ideally, follow a key management standard such as NIST SP 800-57.",
61
+ "description": "",
62
+ "caption": ""
63
+ },
64
+ {
65
+ "key": "enforce_mobile_app_updates",
66
+ "title": "A mechanism for enforcing updates of the mobile app exists.",
67
+ "description": "",
68
+ "caption": ""
69
+ },
70
+ {
71
+ "key": "address_security",
72
+ "title": "Security is addressed within all parts of the software development lifecycle.",
73
+ "description": "",
74
+ "caption": ""
75
+ }
76
+ ]
77
+ },
78
+ {
79
+ "key": "data_storage_and_privacy",
80
+ "title": "Data Storage and Privacy",
81
+ "description": "",
82
+ "type": "checklist",
83
+ "items": [
84
+ {
85
+ "key": "system_creentials_storage_facilities",
86
+ "title": "System credential storage facilities are used appropriately to store sensitive data, such as PII, user credentials or cryptographic keys.",
87
+ "description": "",
88
+ "caption": ""
89
+ },
90
+ {
91
+ "key": "sensitive_data_storage",
92
+ "title": "No sensitive data should be stored outside of the app container or system credential storage facilities.",
93
+ "description": "",
94
+ "caption": ""
95
+ },
96
+ {
97
+ "key": "sensitive_data_in_logs",
98
+ "title": "No sensitive data is written to application logs.",
99
+ "description": "",
100
+ "caption": ""
101
+ },
102
+ {
103
+ "key": "sensitive_data_sharing_with_third_party",
104
+ "title": "No sensitive data is shared with third parties unless it is a necessary part of the architecture.",
105
+ "description": "",
106
+ "caption": ""
107
+ },
108
+ {
109
+ "key": "keyboard_cache_disabling",
110
+ "title": "The keyboard cache is disabled on text inputs that process sensitive data.",
111
+ "description": "",
112
+ "caption": ""
113
+ },
114
+ {
115
+ "key": "sensitive_data_ipc_mechanism",
116
+ "title": "No sensitive data is exposed via IPC mechanisms.",
117
+ "description": "",
118
+ "caption": ""
119
+ },
120
+ {
121
+ "key": "sensitive_data_exposure_via_ui",
122
+ "title": "No sensitive data, such as passwords or pins, is exposed through the user interface.",
123
+ "description": "",
124
+ "caption": ""
125
+ },
126
+ {
127
+ "key": "sensitive_data_exposure_via_backup",
128
+ "title": "No sensitive data is included in backups generated by the mobile operating system.",
129
+ "description": "",
130
+ "caption": ""
131
+ },
132
+ {
133
+ "key": "sensitive_data_removal_on_backgrounded",
134
+ "title": "The app removes sensitive data from views when backgrounded.",
135
+ "description": "",
136
+ "caption": ""
137
+ },
138
+ {
139
+ "key": "sensitive_data_holding_in_memory",
140
+ "title": "The app does not hold sensitive data in memory longer than necessary, and memory is cleared explicitly after use.",
141
+ "description": "",
142
+ "caption": ""
143
+ },
144
+ {
145
+ "key": "minimum_device_access_security_policy",
146
+ "title": "The app enforces a minimum device-access-security policy, such as requiring the user to set a device passcode.",
147
+ "description": "",
148
+ "caption": ""
149
+ },
150
+ {
151
+ "key": "personal_identifiable_information_identification",
152
+ "title": "The app educates the user about the types of personally identifiable information processed, as well as security best practices the user should follow in using the app.",
153
+ "description": "",
154
+ "caption": ""
155
+ }
156
+ ]
157
+ },
158
+ {
159
+ "key": "cryptography",
160
+ "title": "Cryptography",
161
+ "description": "",
162
+ "type": "checklist",
163
+ "items": [
164
+ {
165
+ "key": "symmetric_cryptography_with_hardcoded_keys",
166
+ "title": "The app does not rely on symmetric cryptography with hardcoded keys as a sole method of encryption.",
167
+ "description": "",
168
+ "caption": ""
169
+ },
170
+ {
171
+ "key": "proven_cryptographic_primitives",
172
+ "title": "The app uses proven implementations of cryptographic primitives.",
173
+ "description": "",
174
+ "caption": ""
175
+ },
176
+ {
177
+ "key": "cryptographic_primitive_for_particular_use_case",
178
+ "title": "The app uses cryptographic primitives that are appropriate for the particular use-case, configured with parameters that adhere to industry best practices.",
179
+ "description": "",
180
+ "caption": ""
181
+ },
182
+ {
183
+ "key": "depricated_cryptography_protocols",
184
+ "title": "The app does not use cryptographic protocols or algorithms that are widely considered depreciated for security purposes.",
185
+ "description": "",
186
+ "caption": ""
187
+ },
188
+ {
189
+ "key": "reuse_same_cryptographic_key",
190
+ "title": "The app doesnt re-use the same cryptographic key for multiple purposes.",
191
+ "description": "",
192
+ "caption": ""
193
+ },
194
+ {
195
+ "key": "secure_random_number_generator",
196
+ "title": "All random values are generated using a sufficiently secure random number generator.",
197
+ "description": "",
198
+ "caption": ""
199
+ }
200
+ ]
201
+ },
202
+ {
203
+ "key": "authentication_and_session_management",
204
+ "title": "Authentication and Session Management",
205
+ "description": "",
206
+ "type": "checklist",
207
+ "items": [
208
+ {
209
+ "key": "remote_service_authentication",
210
+ "title": "If the app provides users access to a remote service, some form of authentication, such as username/password authentication, is performed at the remote endpoint.",
211
+ "description": "",
212
+ "caption": ""
213
+ },
214
+ {
215
+ "key": "stateful_session_management_authentication",
216
+ "title": "If stateful session management is used, the remote endpoint uses randomly generated session identifiers to authenticate client requests without sending the users credentials.",
217
+ "description": "",
218
+ "caption": ""
219
+ },
220
+ {
221
+ "key": "stateless_token_based_management_authentication",
222
+ "title": "If stateless token-based authentication is used, the server provides a token that has been signed using a secure algorithm.",
223
+ "description": "",
224
+ "caption": ""
225
+ },
226
+ {
227
+ "key": "remote_endpoint_terminate",
228
+ "title": "The remote endpoint terminates the existing session when the user logs out.",
229
+ "description": "",
230
+ "caption": ""
231
+ },
232
+ {
233
+ "key": "password_policy_exists",
234
+ "title": "A password policy exists and is enforced at the remote endpoint.",
235
+ "description": "",
236
+ "caption": ""
237
+ },
238
+ {
239
+ "key": "remote_endpoint_implementation_mechanism",
240
+ "title": "The remote endpoint implements a mechanism to protect against the submission of credentials an excessive number of times.",
241
+ "description": "",
242
+ "caption": ""
243
+ },
244
+ {
245
+ "key": "session_invalidated_at_remote_endpoint",
246
+ "title": "Sessions are invalidated at the remote endpoint after a predefined period of inactivity and access tokens expire.",
247
+ "description": "",
248
+ "caption": ""
249
+ },
250
+ {
251
+ "key": "biometric_authentication",
252
+ "title": "Biometric authentication, if any, is not event-bound (i.e. using an API that simply returns true or false). Instead, it is based on unlocking the keychain/keystore.",
253
+ "description": "",
254
+ "caption": ""
255
+ },
256
+ {
257
+ "key": "second_factor_authentication",
258
+ "title": "A second factor of authentication exists at the remote endpoint and the 2FA requirement is consistently enforced.",
259
+ "description": "",
260
+ "caption": ""
261
+ },
262
+ {
263
+ "key": "sensitive_transaction_setup_authentication",
264
+ "title": "Sensitive transactions require step-up authentication.",
265
+ "description": "",
266
+ "caption": ""
267
+ },
268
+ {
269
+ "key": "inform_user_login_activities",
270
+ "title": "The app informs the user of all login activities with their account. Users are able view a list of devices used to access the account, and to block specific devices.",
271
+ "description": "",
272
+ "caption": ""
273
+ }
274
+ ]
275
+ },
276
+ {
277
+ "key": "network_communication",
278
+ "title": "Network Communication",
279
+ "description": "",
280
+ "type": "checklist",
281
+ "items": [
282
+ {
283
+ "key": "data_encryption_on_network",
284
+ "title": "Data is encrypted on the network using TLS. The secure channel is used consistently throughout the app.",
285
+ "description": "",
286
+ "caption": ""
287
+ },
288
+ {
289
+ "key": "tls_settings_best_practices",
290
+ "title": "The TLS settings are in line with current best practices, or as close as possible if the mobile operating system does not support the recommended standards.",
291
+ "description": "",
292
+ "caption": ""
293
+ },
294
+ {
295
+ "key": "remote_endpoint_certificate",
296
+ "title": "The app verifies the X.509 certificate of the remote endpoint when the secure channel is established. Only certificates signed by a trusted CA are accepted.",
297
+ "description": "",
298
+ "caption": ""
299
+ },
300
+ {
301
+ "key": "app_certification",
302
+ "title": "The app either uses its own certificate store, or pins the endpoint certificate or public key, and subsequently does not establish connections with endpoints that offer a different certificate or key, even if signed by a trusted CA.",
303
+ "description": "",
304
+ "caption": ""
305
+ },
306
+ {
307
+ "key": "insecure_communication_channel",
308
+ "title": "The app doesnt rely on a single insecure communication channel (email or SMS) for critical operations, such as enrollments and account recovery.",
309
+ "description": "",
310
+ "caption": ""
311
+ },
312
+ {
313
+ "key": "app_dependency_on_connectivity_and_library",
314
+ "title": "The app only depends on up-to-date connectivity and security libraries.",
315
+ "description": "",
316
+ "caption": ""
317
+ }
318
+ ]
319
+ },
320
+ {
321
+ "key": "platform_interaction",
322
+ "title": "Platform Interaction",
323
+ "description": "",
324
+ "type": "checklist",
325
+ "items": [
326
+ {
327
+ "key": "minimum_set_of_permission",
328
+ "title": "The app only requests the minimum set of permissions necessary.",
329
+ "description": "",
330
+ "caption": ""
331
+ },
332
+ {
333
+ "key": "external_source_input_validation",
334
+ "title": "All inputs from external sources and the user are validated and if necessary sanitized. This includes data received via the UI, IPC mechanisms such as intents, custom URLs, and network sources.",
335
+ "description": "",
336
+ "caption": ""
337
+ },
338
+ {
339
+ "key": "sensitive_functionality_via_url_schemes",
340
+ "title": "The app does not export sensitive functionality via custom URL schemes, unless these mechanisms are properly protected.",
341
+ "description": "",
342
+ "caption": ""
343
+ },
344
+ {
345
+ "key": "export_sensitive_functionality_through_ipc",
346
+ "title": "The app does not export sensitive functionality through IPC facilities, unless these mechanisms are properly protected.",
347
+ "description": "",
348
+ "caption": ""
349
+ },
350
+ {
351
+ "key": "javascript_disabled",
352
+ "title": "JavaScript is disabled in WebViews unless explicitly required.",
353
+ "description": "",
354
+ "caption": ""
355
+ },
356
+ {
357
+ "key": "webview_minimum_set_of_protocol_handlers",
358
+ "title": "WebViews are configured to allow only the minimum set of protocol handlers required (ideally, only https is supported). Potentially dangerous handlers, such as file, tel and app-id, are disabled.",
359
+ "description": "",
360
+ "caption": ""
361
+ },
362
+ {
363
+ "key": "webview_within_app_javascript_render",
364
+ "title": "If native methods of the app are exposed to a WebView, verify that the WebView only renders JavaScript contained within the app package.",
365
+ "description": "",
366
+ "caption": ""
367
+ },
368
+ {
369
+ "key": "object_deserialization",
370
+ "title": "Object deserialization, if any, is implemented using safe serialization APIs.",
371
+ "description": "",
372
+ "caption": ""
373
+ }
374
+ ]
375
+ },
376
+ {
377
+ "key": "code_quality_and_build_settings",
378
+ "title": "Code Quality and Build Settings",
379
+ "description": "",
380
+ "type": "checklist",
381
+ "items": [
382
+ {
383
+ "key": "valid_certificate_sign",
384
+ "title": "The app is signed and provisioned with a valid certificate, of which the private key is properly protected.",
385
+ "description": "",
386
+ "caption": ""
387
+ },
388
+ {
389
+ "key": "built_in_release_mode",
390
+ "title": "The app has been built in release mode, with settings appropriate for a release build (e.g. non-debuggable).",
391
+ "description": "",
392
+ "caption": ""
393
+ },
394
+ {
395
+ "key": "debugging_symbol",
396
+ "title": "Debugging symbols have been removed from native binaries.",
397
+ "description": "",
398
+ "caption": ""
399
+ },
400
+ {
401
+ "key": "debugging_and_verbose_errors",
402
+ "title": "Debugging code has been removed, and the app does not log verbose errors or debugging messages.",
403
+ "description": "",
404
+ "caption": ""
405
+ },
406
+ {
407
+ "key": "third_party_vulnerability_check",
408
+ "title": "All third party components used by the mobile app, such as libraries and frameworks, are identified, and checked for known vulnerabilities.",
409
+ "description": "",
410
+ "caption": ""
411
+ },
412
+ {
413
+ "key": "exception_handling",
414
+ "title": "The app catches and handles possible exceptions.",
415
+ "description": "",
416
+ "caption": ""
417
+ },
418
+ {
419
+ "key": "security_controls_error_handling",
420
+ "title": "Error handling logic in security controls denies access by default",
421
+ "description": "",
422
+ "caption": ""
423
+ },
424
+ {
425
+ "key": "memory_allocation",
426
+ "title": "In unmanaged code, memory is allocated, freed and used securely.",
427
+ "description": "",
428
+ "caption": ""
429
+ },
430
+ {
431
+ "key": "free_security_features_offered_by_toolchain",
432
+ "title": "Free security features offered by the toolchain, such as byte-code minification, stack protection, PIE support and automatic reference counting, are activated.",
433
+ "description": "",
434
+ "caption": ""
435
+ }
436
+ ]
437
+ },
438
+ {
439
+ "key": "upload_logs",
440
+ "title": "Upload logs",
441
+ "description": "This should include all associated traffic associated to the in-scope targets.",
442
+ "type": "large_upload"
443
+ },
444
+ {
445
+ "key": "executive_summary",
446
+ "title": "Executive summary",
447
+ "description": "The executive summary should be written with a high-level view of both risk and business impact. It should be concise and clear, therefore it is important to use plain English. This ensures that non-technical readers can gain insight into security concerns outlined in your report.",
448
+ "type": "executive_summary"
449
+ }
450
+ ]
451
+ }
452
+ }
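Review bot: Several items in this iOS checklist still carry Android/platform-neutral wording, so a tester working from it gets no pointer to the iOS-specific attack surface: the input-validation item (`external_source_input_validation`) cites "IPC mechanisms such as intents", the biometric item (`biometric_authentication`) says "keychain/keystore", and the toolchain item (`free_security_features_offered_by_toolchain`) lists "byte-code minification". For the first I would change the title to `"title": "All inputs from external sources and the user are validated and if necessary sanitized. This includes data received via the UI, IPC mechanisms such as custom URL schemes, universal links, app extensions and the pasteboard, and network sources."` and drop "keystore" and "byte-code minification" from the other two, since those mechanisms do not exist on iOS. Two keys are misspelled (`system_creentials_storage_facilities`, `depricated_cryptography_protocols`) and the latter's title says "depreciated" where "deprecated" is meant; the title text is safe to fix, but if keys are used as stable identifiers by whatever consumes this file, renaming them is a breaking change and should be done deliberately. The titles of `reuse_same_cryptographic_key` and `insecure_communication_channel` are missing the apostrophe in "doesn't", and `stateful_session_management_authentication` has "users credentials" for "user's credentials".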
@@ -0,0 +1,207 @@
1
+ {
2
+ "metadata": {
3
+ "title": "Network",
4
+ "release_date": "2022-01-10T00:00:00+00:00",
5
+ "description": "Bugcrowd network testing methodology",
6
+ "vrt_version": "10.0.1"
7
+ },
8
+ "content": {
9
+ "steps": [
10
+ {
11
+ "key": "information",
12
+ "title": "Information Gathering / Recon",
13
+ "description": "",
14
+ "type": "checklist",
15
+ "caption": "Please include any valuable pieces of information found; and the source of said information",
16
+ "items": [
17
+ {
18
+ "key": "credentials_leaked",
19
+ "title": "Credentials or keys leaked on Github, Pastebin, etc.",
20
+ "caption": "",
21
+ "description": ""
22
+ },
23
+ {
24
+ "key": "leaked_as_part_of_past_breaches",
25
+ "title": "Usernames, emails, passwords, and other information leaked as part of past breaches.",
26
+ "caption": "",
27
+ "description": ""
28
+ },
29
+ {
30
+ "key": "internal_subdomain",
31
+ "title": "Internal subdomains, known software, etc.",
32
+ "caption": "",
33
+ "description": ""
34
+ },
35
+ {
36
+ "key": "zone_transfer_in_scope_ip",
37
+ "title": "Check for the ability to perform a zone transfer on the in-scope IP addresses",
38
+ "caption": "",
39
+ "description": ""
40
+ }
41
+ ]
42
+ },
43
+ {
44
+ "key": "scanning",
45
+ "title": "Scanning",
46
+ "description": "",
47
+ "type": "checklist",
48
+ "caption": "Please include your full nmap scan output + banner information in a single file. Similarly, include all other tooling outputs.",
49
+ "items": [
50
+ {
51
+ "key": "scan_in_scope_targets",
52
+ "title": "Fully scan the range of in-scope targets (all 65,535 TCP and UDP ports).",
53
+ "caption": "",
54
+ "description": ""
55
+ },
56
+ {
57
+ "key": "ensure_host_scan",
58
+ "title": "Ensure that hosts are still scanned, even if they are not responsive to a ping sweep.",
59
+ "caption": "",
60
+ "description": ""
61
+ },
62
+ {
63
+ "key": "in_scope_services_and_version_numbers",
64
+ "title": "Enumerate and document all in-scope services and version numbers.",
65
+ "caption": "",
66
+ "description": ""
67
+ },
68
+ {
69
+ "key": "document_services_that_communicate_insecurely",
70
+ "title": "Document services that communicate insecurely (e.g. telnet, http).",
71
+ "caption": "",
72
+ "description": ""
73
+ },
74
+ {
75
+ "key": "subdomain_takeovers",
76
+ "title": "Document any services with misconfigured DNS records allowing for subdomain takeovers.",
77
+ "caption": "",
78
+ "description": ""
79
+ },
80
+ {
81
+ "key": "leverage_available_services",
82
+ "title": "Review results and leverage any available services to obtain more information around the targets or users. Examples are RPC, SMB, SMTP, SNMP, etc.",
83
+ "caption": "",
84
+ "description": ""
85
+ }
86
+ ]
87
+ },
88
+ {
89
+ "key": "exploitation",
90
+ "title": "Exploitation",
91
+ "description": "",
92
+ "type": "checklist",
93
+ "caption": "Include any screenshots as proof of successful exploitation. For unsuccessful attacks, please document the commands/tools executed.",
94
+ "items": [
95
+ {
96
+ "key": "lack_of_auth",
97
+ "title": "Check for lack of auth or default creds to any available services. e.g. auth portals, anonymous FTP, SSH, RDP, mail relays, etc.",
98
+ "caption": "",
99
+ "description": ""
100
+ },
101
+ {
102
+ "key": "service_bypass",
103
+ "title": "Check for any auth bypasses on any available services.",
104
+ "caption": "",
105
+ "description": ""
106
+ },
107
+ {
108
+ "key": "cross_reference_software_version",
109
+ "title": "Cross reference software version numbers against known vulnerable versions or exploits (exploit db, CVEs, etc. often facilitated by the use of nessus/nikto/openvas/etc).",
110
+ "caption": "",
111
+ "description": ""
112
+ },
113
+ {
114
+ "key": "attempt_to_exploit_known_vulnerabilities",
115
+ "title": "Configure and attempt to exploit any known vulnerabilities (existing scripts with custom shellcode, metasploit modules, etc).",
116
+ "caption": "",
117
+ "description": ""
118
+ },
119
+ {
120
+ "key": "presence_of_sensitive_information_publicly",
121
+ "title": "Check for the presence of sensitive information that is publicly available on any service (e.g. documents available via anonymous FTP).",
122
+ "caption": "",
123
+ "description": ""
124
+ },
125
+ {
126
+ "key": "server_side_vulnerability_auth_bypass",
127
+ "title": "Test any available webservers for server-side vulnerabilities including Auth bypasses",
128
+ "caption": "",
129
+ "description": ""
130
+ },
131
+ {
132
+ "key": "server_side_vulnerability_default_credentials",
133
+ "title": "Test any available webservers for server-side vulnerabilities including Default credentials",
134
+ "caption": "",
135
+ "description": ""
136
+ },
137
+ {
138
+ "key": "server_side_vulnerability_known_exploits",
139
+ "title": "Test any available webservers for server-side vulnerabilities including Known exploits based on running vulnerable software",
140
+ "caption": "",
141
+ "description": ""
142
+ },
143
+ {
144
+ "key": "server_side_vulnerability_sql_injection",
145
+ "title": "Test any available webservers for server-side vulnerabilities including SQL Injection (SQLi)",
146
+ "caption": "",
147
+ "description": ""
148
+ },
149
+ {
150
+ "key": "server_side_rce",
151
+ "title": "Test any available webservers for server-side vulnerabilities including Remote Code Execution (RCE)",
152
+ "caption": "",
153
+ "description": ""
154
+ },
155
+ {
156
+ "key": "server_side_xxe",
157
+ "title": "Test any available webservers for server-side vulnerabilities including XML Entity Injection (XXE)",
158
+ "caption": "",
159
+ "description": ""
160
+ },
161
+ {
162
+ "key": "server_side_ssrf",
163
+ "title": "Test any available webservers for server-side vulnerabilities including Server Side Request Forgery (SSRF)",
164
+ "caption": "",
165
+ "description": ""
166
+ },
167
+ {
168
+ "key": "server_side_lfi_afi",
169
+ "title": "Test any available webservers for server-side vulnerabilities including Local/Arbitrary File Inclusion (LFI/AFI)",
170
+ "caption": "",
171
+ "description": ""
172
+ },
173
+ {
174
+ "key": "server_side_hidden_directory_pages",
175
+ "title": "Test any available webservers for server-side vulnerabilities including Hidden directories or pages with sensitive information",
176
+ "caption": "",
177
+ "description": ""
178
+ },
179
+ {
180
+ "key": "basic_web_app_scanner",
181
+ "title": "Run a basic web application scanner over the app, and report any valid issues. (nikto, burp, zap, et al)",
182
+ "caption": "",
183
+ "description": ""
184
+ },
185
+ {
186
+ "key": "attempt_bruteforcing",
187
+ "title": "Attempt moderate, informed/educated brute-forcing on available services - based on information gathered earlier in the assessment.",
188
+ "caption": "",
189
+ "description": ""
190
+ }
191
+ ]
192
+ },
193
+ {
194
+ "key": "upload_logs",
195
+ "title": "Upload logs",
196
+ "description": "This should include all associated traffic associated to the in-scope targets.",
197
+ "type": "large_upload"
198
+ },
199
+ {
200
+ "key": "executive_summary",
201
+ "title": "Executive summary",
202
+ "description": "The executive summary should be written with a high-level view of both risk and business impact. It should be concise and clear, therefore it is important to use plain English. This ensures that non-technical readers can gain insight into security concerns outlined in your report.",
203
+ "type": "executive_summary"
204
+ }
205
+ ]
206
+ }
207
+ }
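Review bot: The Exploitation step tells the tester to run exploits "with custom shellcode, metasploit modules, etc" and to brute-force services, but nothing in the checklist requires first confirming that active exploitation, brute-forcing and potentially disruptive payloads are permitted by the program brief, nor excludes denial-of-service, destructive or account-locking attacks; on a bounty engagement that omission is the one most likely to put a tester out of scope. I would add an item ahead of `attempt_to_exploit_known_vulnerabilities` with `"key": "confirm_exploitation_permitted"` and `"title": "Confirm that active exploitation and brute-forcing are permitted by the program brief; do not run denial-of-service, destructive or account-locking attacks unless explicitly authorized."`, with the usual empty caption and description. Separately, the recon item `zone_transfer_in_scope_ip` asks for a zone transfer "on the in-scope IP addresses", but AXFR is requested from the authoritative name servers of a domain, so the title should read `"title": "Check whether the authoritative name servers for in-scope domains allow a zone transfer (AXFR)"`. The scanning item `scan_in_scope_targets` says "all 65,535 TCP and UDP ports"; the port space is 0–65535 (65,536 ports), and a full UDP sweep of that range is slow enough that the caption should state whether a reduced UDP port list is acceptable.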