When arranging a pen test it’s common practice to ask the client a set of questions, and use the answers either as the basis for further discussions, or to directly provide a test plan and quotation.
For a mobile app specifically, what questions are helpful to include? For example:
- What platforms does the app support? e.g. iOS, Android
- Was the app developed using a cross-platform framework? e.g. PhoneGap, Kivy
- Does the app connect to it’s own back-end service? e.g. bespoke REST, Firebase
- Do these connections use SSL pinning?
- Does the app provide additional UI secuity? e.g. PIN, FLAG_SECURE
- Does the app provide IPC interfaces? e.g. URL handler, intent
- Does the app interface with hardware? e.g. bluetooth card reader
- Is the app obfuscated?
- How is the app delivered? e.g. public store, private app in store, alternate store, sideloading
- What authentication is used? e.g. pairing, user name & password, connect with Facebook
- How many views/pages does the app have?
- What permissions does the app request?
- Does the app make arbitrary network connections or listen on ports?
If you have any other ideas, please let me know!