Contact us for your penetration testing needs 1-866-PLYNT-24    |   Contact Us   Plynt UK Website  
Click to get Security Testing Quote
How do I check if there's a backdoor in my application?

The best way to know if you've a back door in your app is to do a code audit. A remote pen test might find it, but the chances are low.

Companies check for back doors when a security critical software is purchased from a 3rd party. The fear is that developers might have inserted code that lets them get back into the app on a later date.

During the audit, here're a few things the auditor will do to check for back doors:

  • Look for undocumented ports being opened
  • Monitor registry access for anything suspicious
  • Track the files being opened
  • Monitor if other execuatbles are launched
  • Watch for network connections going out
  • Check for hard-coded special passwords in the code
  • Look for "special" users in the user database

Sysinternals has several tools that help the auditor: Regmon, Filemon, Process Explorer, PSTools, Strings, Rootkit Revealer, etc.


Request a proposal

Our quote contains the best price, the time estimate, and our methodology; and we'll mail you the quote in 24 hrs.


                                                
 
Movable Type Appliance - Powered by TurnKey Linux