Penetration Tests - 2langnic/GlobaLeaks GitHub Wiki
GlobaLeaks Project is periodically subject to independent Security Audit and Penetration Tests in order to verify and improve the security of the system.
Thanks to the Open Technology Fund the GlobaLeaks and Tor2web has received a total of 4 penetration tests.
We additionally invite independent security researchers to apply to our Bug Hunting project.
Below the detailed reports of penetration tests we've received along with the transparent feedback and fixing we've followed:
| Date | Software | Auditor | Goal | Report |
|---|---|---|---|---|
| 2013 Q1 | GlobaLeaks | iSecPartners | Architecture Audit | iSecPartners-Report |
| 2013 Q2 | GlobaLeaks | Cure53 | Web Security Audit | Cure53-Report |
| 2013 Q4 | Tor2web | VeraCode | Overall Audit | VeraCode-Report |
| 2014 Q1 | GlobaLeaks | LeastAuthority | Source Code Audit | LeastAuthority-Report |
If you want to carry on or sponsor an Independent Security Audit please email us to projects at logioshermes.org