Setup

This page will guide you through the different steps in the Setup tab.

App Selection

Follow the instructions displayed within the interface to select an already installed application. Once you selected your application, you can choose to enter a description of the assessment if you’d like, and then download the application data by clicking on the “Download” button on the same page as shown below.

App Selection

You can also install an application using a APK file directly by selecting the “Select app manually” option from the drop down menu.

Network Setup

This step will launch the Lab-WiFi network and is required to ensure the test device is connected. Without proper network connectivity, many of the following steps will be unsuccessful.

Workstation can automatically start the WiFi network for you when you open or create a project and connect automatically to your device. To enable this option, go to Options > Preferences > Startup and check the option “Launch WiFi on Startup”.

  1. Click “Start” to launch the WiFi network. If the Lab-WiFi network is already launched, Workstation will make sure your device is correctly connected to it.

  2. When using for the first time, you may need to manually connect to the phone’s Wi-Fi network. On either device, go to Settings >> Wi-Fi, then select the “Lab-WiFi” network and enter the password provided to you.

  3. If you have issues getting Workstation to recognize the network, view the F.A.Q section for a potential resolution.

Search Terms

Reading the “Info” section displayed inside the specific step in the Workstation interface can help you understand what data should be entered here.

Select an entry from the “Search Criteria Type” drop down menu and input any information that is pertinent to the information that will be populated while using the application. Standard entries are Username, Password, and Keywords, however, Workstation can also search for regular expressions. ‘Phone Number’, ‘Credit Card Number’, and ‘Social Security Number’ are included in the drop down, and the analyst has the option to create custom expressions as well.

Search Terms

In the example above, a custom expression has been provided. With the above regular expression pattern, you can search through a text file to find email addresses or verify if a given string looks like an email address.

Workstation can import and export search terms to minimize data entry. Use the buttons labeled “Import” and “Export” (shown in the screenshot above). Exported search terms are stored in CSV format (shown in example below).

Username,[email protected],FALSE,[]
Password,password123,FALSE,[]
Social Security Number,[0-9]{3}-[0-9]{2}-[0-9]{4},TRUE,[‘HIPPA’, ‘FISMA’]

Workstation will automatically search multiple locations for the entered information, including the network traffic, device logfile, and the local application files. Aside from plain-text values, Workstation will also search for common hashes and other encoding forms, which includes md5, SHA1, url encode, and base 64.

Once you have entered all pertinent information, you can move to the next step of your assessment.

Be aware that depending on the number of credentials/keywords entered in this step, some of the tests can take a longer time to complete.

Compliance Output

Marking a compliance option in the previous step allows the analyst to flag certain findings as compliance violations. This allows the data to be organized in a way that can be easily identified when looking through the report.

Compliance Output

In the example above, HIPAA compliance was marked during the initial search. From this automated output, we can see that the data flagged for HIPAA compliance was found. It has been grouped under the “Compliance” folder in the workspace.