The Ushahidi platform is a crowdsourcing data mapping tool.
Radically Open Security (ROS) performed a penetration test of the Ushahidi platform in February 2016. The scope of the penetration test was limited to:
- Ushahidi Platform V3 API
- Ushahidi Platform Client
- Ansible Playbooks
- Hybrid Mobile UI for Ushahidi Platform
This was a crystalbox penetration test with access to the public (Ushahidi platform) and private (Ansible playbooks) Github Repositories.
The full penetration test and summary of findings can be found below.