The Ushahidi platform is a crowdsourcing data mapping tool.

Radically Open Security (ROS) performed a penetration test of the Ushahidi platform in February 2016. The scope of the penetration test was limited to:

  • Ushahidi Platform V3 API
  • Ushahidi Platform Client
  • Ansible Playbooks
  • Hybrid Mobile UI for Ushahidi Platform

This was a crystalbox penetration test with access to the public (Ushahidi platform) and private (Ansible playbooks) Github Repositories.

The full penetration test and summary of findings can be found below.

Ushahidi Penetration Test