Software Life-cycle of Hacking
Posted by David Kaczynski on Programmers
Published on 2012-10-15T13:36:29Z
At my local university, there is a small student computing club of about 20 students. The club has several small teams with specific areas of focus, such as mobile development, robotics, game development, and hacking / security.
I am introducing some basic agile development concepts to a couple of the teams, such as user stories, estimating complexity of tasks, and continuous integration for version control and automated builds/testing.
I am familiar with some basic development life-cycles, such as waterfall, spiral, RUP, agile, etc., but I am wondering if there is such a thing as a software development life-cycle for hacking / breaching security. Surely, hackers are writing computer code, but what is the life-cycle of that code? I don't think that they would be too concerned with maintenance, as once the breach has been found and patched, the code that exploited that breach is useless.
I imagine the life-cycle would be something like:
- Find gap in security
- Exploit gap in security
- Procure payload
- Utilize payload
I propose the following questions:
- What kind of formal definitions (if any) are there for the development life-cycle of software when the purpose of the product is to breach security?