EN

Exchange Security Audit | Wallet Security Audit | Chain Security Audit | Smart Contract Security Audit

Exchange Security Audit

Open Source Intelligence Gathering
Whois information collection
Real IP discovery
Subdomain detection
Mail service detection
Certificate information collection
Web services component fingerprint collection
Port service component fingerprint collection
Segment C service acquisition
Personnel structure collection
GitHub source code leak locating
Google Hack detection
Discovery of the privacy leaked
App Security Audit
App environment testing audit
Code decompilation detection
File storage security detection
Communication encryption detection
Permissions detection
Interface security test
Business security test
WebKit security test
App cache security detection
App Webview DOM security test
SQLite storage security audit
Server Security Configuration Audit
CDN service detection
Network infrastructure configuration test
Application platform configuration management test
File extension resolution test
Backup, unlinked file test
Enumerate management interface test
HTTP method test
HTTP strict transmission test
Web front-end cross-domain policy test
Web security response head test
Weak password and default password detection
Management background discovery
Node Security Audit
Node configuration security detection
Node data synchronization security detection
Node transaction security audit
Node communication security detection
Node open source code security audit
Identity Management Audit
Role definition test
User registration process test
Account rights change test
Account enumeration test
Weak username strategy testing
Certification and Authorization Audit
Password information encrypted transmission test
Default password test
Account lockout mechanism test
Certification bypass test
Password memory function test
Browser cache test
Password strategy test
Security quiz test
Password reset test
OAuth authentication model test
Privilege escalation test
Authorization bypass test
Two-factor authentication bypass test
Hash robustness test
Session Management Audit
Session management bypass test
Cookies property test
Session fixation test
Session token leak test
Cross Site Request Forgery (CSRF) test
Logout function test
Session timeout test
Session token overload test
Input Security Audit
Cross Site Scripting (XSS) test
Template injection test
Third-party component vulnerability test
HTTP parameter pollution test
SQL injection test
XXE entity injection test
Deserialization vulnerability test
SSRF vulnerability test
Code injection test
Local file contains test
Remote file contains test
Command execution injection test
Buffer overflow test
Formatted string test
Business Logic Audit
Interface security test
Request forgery test
Integrity test
Overtime detection
Interface frequency limit test
Workflow bypass test
Application misuse protection test
Unexpected file type upload test
Malicious file upload test
Cryptographic Security Audit
Weak SSL/TLS encryption, insecure transport layer protection test
SSL pinning security deployment test
Non-encrypted channel transmission of sensitive data test
Hot Wallet Architecture Security Audit
Private Key Management System Security Audit

Wallet Security Audit

Open Source Intelligence Gathering
Whois information collection
Real IP discovery
Subdomain detection
Mail service detection
Certificate information collection
Web services component fingerprint collection
Port service component fingerprint collection
Segment C service acquisition
Personnel structure collection
GitHub source code leak locating
Google Hack detection
Discovery of the privacy leaked
App Security Audit
App environment testing audit
Code decompilation detection
File storage security detection
Communication encryption detection
Permissions detection
Interface security test
Business security test
WebKit security test
App cache security detection
App Webview DOM security test
SQLite storage security audit
Server Security Configuration Audit
CDN service detection
Network infrastructure configuration test
Application platform configuration management test
File extension resolution test
Backup, unlinked file test
Enumerate management interface test
HTTP method test
HTTP strict transmission test
Web front-end cross-domain policy test
Web security response head test
Weak password and default password detection
Management background discovery
Node Security Audit
Node configuration security detection
Node data synchronization security detection
Node transaction security audit
Node communication security detection
Node open source code security audit
Identity Management Audit
Role definition test
User registration process test
Account rights change test
Account enumeration test
Weak username strategy testing
Certification and Authorization Audit
Password information encrypted transmission test
Default password test
Account lockout mechanism test
Certification bypass test
Password memory function test
Browser cache test
Password strategy test
Security quiz test
Password reset test
OAuth authentication model test
Privilege escalation test
Authorization bypass test
Two-factor authentication bypass test
Hash robustness test
Session Management Audit
Session management bypass test
Cookies property test
Session fixation test
Session token leak test
Cross Site Request Forgery (CSRF) test
Logout function test
Session timeout test
Session token overload test
Input Security Audit
Cross Site Scripting (XSS) test
Template injection test
Third-party component vulnerability test
HTTP parameter pollution test
SQL injection test
XXE entity injection test
Deserialization vulnerability test
SSRF vulnerability test
Code injection test
Local file contains test
Remote file contains test
Command execution injection test
Buffer overflow test
Formatted string test
Business Logic Audit
Interface security test
Request forgery test
Integrity test
Overtime detection
Interface frequency limit test
Workflow bypass test
Application misuse protection test
Unexpected file type upload test
Malicious file upload test
Cryptographic Security Audit
Weak SSL/TLS encryption, insecure transport layer protection test
SSL pinning security deployment test
Non-encrypted channel transmission of sensitive data test

Chain Security Audit

Open source code audit
Node security audit
Node communication security audit
Node consensus algorithm security audit
Contract Virtual Machine Security Audit
Security configuration audit
Blockchain browser security audit

Smart Contract Security Audit

Overflow Audit
Conditional Competition Audit
Authority Control Audit
Safety Design Audit
Zeppelin module safe use
Compiler version security
Hard-coded address security
Fallback function safe use
Show coding security
Denial of Service Audit
Gas Optimization Audit
Design Logic Audit