Because you don't want to waste your time
We believe that an application's security assessment should be done while following a process: test bench prep, vulnerabilities search, security functions bypass or report writing. Discover how our solutions can help you run your security assessments.
Preparation
Test bench
At Reversense, we believe that a good test bench should be compatible with the security target, be representative of the market and let you explore as many attack paths as possible.
That's the reason why we offer SenseBox, a turnkey test bench for your needs.
- Devices that suit your needs
- Documentation
- Technology watch reports
- Tested for Dexcalibur
Analysis
Localization of security functions
During assessments, you often need to locate where security functions are coded in the target program. The programs you are assessing are very often obfuscated and this deobfuscation step can be costly.
Nearly in an autonomous way, Dexcalibur is able to deobfuscate parts of your program by reproducing the evaluator approach.
Bypass
Functions that caught your interest are located and you're looking at how to bypass them while keeping in mind the hypothesis you set.
Dexcalibur can suggest attack paths and hypothesis for each of them. In some cases, Dexcalibur leverages its virtual machine (VM) and its symbolic analysis engine to generate an attack vector able to reproduce the bypass.
Report
Tests writing
Writing reports could be perceived as tedious by Evaluators. Dexcalibur's bookmark systems allows to gather information and screenshots by topic in a few clicks. These elements are then integrated to the report generated by Dexcalibur.
Reproductibility
It's easier for your customers to accept vulnerabilities and patch them if you are able to provide what they need to reproduce them.
By using Dexcalibur to run your tests, it will be able to generate an explanatory documentation and a kit with scripts to replicate tests (with some limits).
Get a free consultation
Let's discuss your needs and find the best solutions for your projects.
Dexcalibur helps me with tedious, time-consuming tasks since it provides useful features for the instrumentation application. This is a clever time-saving tool. My favorite feature is the automated functions hooking. No need to bother writing hooks one by one, this tool automates hooks on its own while providing easy-to-use GUI.
Since I work on complex mobile applications, I often come across a lot of security mechanisms that drastically slow down static analysis. Dexcalibur is specifically designed to respond to this problem, it combines static and dynamic analysis in a very elegant way and makes application analysis much simpler. Instrumenting mobile application with Dexcalibur has never been so smooth.