i am looking to pen test an app which is not a webapp :) . on browsing to the url it launches a java application using jnlp.
i used a network traffic sniffer to see the traffic, and it is making post requests to several different urls (e.g. webapp.com/generatereport etc.), and the response is of type x-serialize object.
any suggestions on what could be things to look at for such a pentest?
thanks
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
i am looking to pen test an app which is not a webapp :) . on browsing to the url it launches a java application using jnlp.
i used a network traffic sniffer to see the traffic, and it is making post requests to several different urls (e.g. webapp.com/generatereport etc.), and the response is of type x-serialize object.
any suggestions on what could be things to look at for such a pentest?
thanks
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
[ reply ]