I found it extremely productive to first look for strings in the code. But which strings to look for, and how to look for them? By reading the source files? My good friend FindStr is of great help here. So first let's find what to look for inside the compiled assemblies:

Ildasm.exe secureapp.dll /text | findstr ldstr

This should produce all the string literals found in the assembly (every ldstr instruction loads one). This is what I've got using it: Wouldn't it trigger you to think of authorization data doing a round trip, and thus being vulnerable...
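The ildasm/findstr pipe above gives you the raw list; as an added example (not from the original post), here is a small triage script that parses the ldstr lines of `ildasm /text` output and groups the literals into the kinds a reviewer would want to look at first. The IL text and the keyword heuristics are constructed for illustration, not taken from any real assembly.

```python
import re
from collections import defaultdict

# Constructed sample of `Ildasm.exe secureapp.dll /text` output (not a real assembly).
SAMPLE_IL = r'''
.method private hidebysig instance void Page_Load(object sender, class [mscorlib]System.EventArgs e) cil managed
{
  IL_0000:  nop
  IL_0001:  ldstr      "Server=db01;Database=Shop;User Id=sa;Password=S3cret!"
  IL_0006:  newobj     instance void [System.Data]System.Data.SqlClient.SqlConnection::.ctor(string)
  IL_0010:  ldstr      "SELECT * FROM Orders WHERE CustomerId = '"
  IL_001a:  ldstr      "isAdmin"
  IL_0020:  ldstr      "Welcome back"
  IL_0025:  ldstr      bytearray (48 00 69 00 )
}
'''

# ildasm prints ordinary literals as C-style quoted strings after the ldstr opcode.
LDSTR_RE = re.compile(r'ldstr\s+"((?:[^"\\]|\\.)*)"')
# Non-printable strings are emitted as `ldstr bytearray (...)`; we only count those.
BYTEARRAY_RE = re.compile(r'ldstr\s+bytearray')

# Review heuristics (constructed): what each category of literal usually points at.
HEURISTICS = {
    "credential":   re.compile(r"(password|pwd|user id|uid|apikey|secret)\s*=", re.I),
    "sql_fragment": re.compile(r"^(select|insert|update|delete|exec)\b.*'$", re.I),
    "authz_marker": re.compile(r"\b(isadmin|role|admin|authenticated|token)\b", re.I),
}


def extract_ldstr(il_text):
    """Return (quoted string literals, count of bytearray literals) from ildasm text."""
    return LDSTR_RE.findall(il_text), len(BYTEARRAY_RE.findall(il_text))


def triage(strings):
    """Group literals by the heuristic they match; unmatched strings are dropped."""
    hits = defaultdict(list)
    for s in strings:
        for name, pattern in HEURISTICS.items():
            if pattern.search(s):
                hits[name].append(s)
    return dict(hits)


if __name__ == "__main__":
    literals, opaque = extract_ldstr(SAMPLE_IL)
    print(f"{len(literals)} quoted literals, {opaque} bytearray literals to inspect by hand")
    for category, found in triage(literals).items():
        print(category + ":")
        for s in found:
            print("   ", s)
```

Pipe the real `Ildasm.exe ... /text` output into a file and pass its contents to `extract_ldstr` to use this on your own assembly; the flagged SQL fragment ending in a quote is the classic sign of string concatenation worth tracing back to its source.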
When offering Security Code Inspection services [any services in fact...] I am asked by customers for cost estimates - pretty expected behavior. How to estimate the expected effort? The detailed guide for Security Inspection is here. One thing to point out, though [scroll down to EEG Considerations when navigating to the above link]: "In practice, EEG [Engineering Excellence Group within MS] has found that a higher volume of significant defects is found when reviewers limit themselves to 250–500 lines...