Since then, we have continued to focus on Electron and remain very familiar with the codebase and the continually evolving set of weaknesses and pitfalls faced by developers.
ElectronJS on Windows, Linux, and macOS
Doyensec is uniquely situated to perform detailed security audits of Electron-based applications. The results of our work was presented at many top-tier security conferences, including BlackHat USA 2017, OWASP AppSec 2018, BlackHat ASIA 2019 and many private events.
We have discovered and reported vulnerabilities in core Electron and in many applications built using this framework. During our testing, we will find design weaknesses and implementation bugs that can be leveraged to compromise Desktop applications built using web technologies.
We're the author of Electronegativity, a popular OSS solution for automated Electron security. Given the difficulty of keeping up with the constantly changing security posture of the framework that powers Desktop applications, we also created ElectroNG. ElectroNG's dynamic contextual scanning technology allows it to automatically adapt to the target application's configuration, resulting in rapid vulnerability detection with amazing accuracy.
Information Gathering and Reconnaissance
- Enumeration of BrowserWindow, BrowserView and Webview Tags
- Analysis of Native Code in Use
- Review of All Dependencies and Add-ons in Use
Content Security and Process Isolation
- NodeIntegration and Sandbox bypasses
- Flaws in Preload Scripts Insecure Affinity Property Usage
- Pop-ups in WebViews
- Loading Untrusted Origins
- Context Isolation for Preload Scripts
- Content Security Policy
- Use of Dangerous Functions and APIs
- Usage of openExternal and Similar Weaknesses in Custom Protocol Handlers
- Application of Security Patches
- Experimental Features
- Command Line Arguments
- Outdated Components and Dependencies with Known Vulnerabilities
- Privacy and Secure UX Flaws (e.g., Information Disclosure via Notifications)
- Deviations from Browser Security Standards (e.g., SOP)
- Insecure Data Storage
- x.509 Certification Validation
- TLS Vulnerabilities Introduced in Chromium/Node.js
- Insecure HTTP Connections
- Certificate Pinning
our research articles
Research is one of our founding principles and we invest in it heavily. All of our researchers have the privilege to use %25 of their time exclusively for self-directed research.show more publications