AttackFlow Findings Dictionary

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Null Reference Exception

Null reference exceptions in a production environment always produce frustrations in customers and reflect back to developers as bug tickets



Fix Cost


Trust Level


Null reference exceptions occur when trying to dereference a reference which is null. In simpler terms it happens when trying to make an operation on a null value at runtime.

private void ToUpper(string fullName)
return fullName.ToUpperInvariant();


The above code in method ToUpper doesn’t check passed parameter fullName against null, therefore, at runtime there’s a possibility of throwing NullReferenceException.

While this scenario is easy to understand and mitigated, NullReferenceExceptions can be thrown in various types of scenarios. As an example;

return Person.Accounts[i].Transfers[k].DestinationAccount;


The above code dereferences a lot of properties and each one of them has the possibility to throw NullReferenceException.

Finding A Way To Purchase AttackFlow Enterprise Edition?

If so, click to buy now for yearly subscriptions!