Web Application Security
Pentesting of Thick client and client-server applications Jun 07 2011 03:53AM
Balaji Vasanth (balaji_vasanth14 yahoo com) (2 replies)
Re: Pentesting of Thick client and client-server applications Jun 07 2011 01:15PM
Security Auditor (auditor sec gmail com)
I would recommend using application testing tools like Acunetix,
AppScan, Netsparker, Nexpose, etc., to name a few, and then proceeding
further with manual testing and validating the findings.

Fuzzing is important, but it depends on what the base of your
application is.
Source code review is another option which you can explore.

On Tue, Jun 7, 2011 at 5:53 AM, Balaji Vasanth
<balaji_vasanth14 (at) yahoo (dot) com [email concealed]> wrote:
> Hi,
>
> Are there any specific methodologies/approaches or tools for the vulnerability testing of client-server applications and standalone apps developed in different languages?
>
> I could just think of using some TCP proxies (Echomirage, TCP Catcher, etc.) to intercept the client-server traffic and go ahead, debuggers like OllyDbg, WinDbg, GNU to understand the calls at client-side, and some disassemblers & fuzzers (not sure which to choose). For some thick clients communicating on port 80/443 with the server, I am using the Fiddler plugin "Watcher". Is that good enough...?
>
> Thanks in advance
>
> Regards
>
> M. Balaji Swaminathan
>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------

--
Cheers,
Audi


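As an added example (not code from either poster, and not any of the tools named in the thread), here is a minimal logging TCP proxy of the kind the question refers to with Echomirage or TCP Catcher: it listens on a local port, forwards each connection to the real server, and records every chunk that passes in either direction so the client-server protocol can be read off. The echo server and the `LOGIN alice` message are constructed stand-ins for a real backend; `LoggingTcpProxy`, `start_echo_server`, `run_demo` and `hexdump` are names chosen here.

```python
import binascii
import socket
import threading


def hexdump(direction, data):
    """Render one captured chunk as a single log line."""
    return f"{direction} {len(data)} bytes: {binascii.hexlify(data).decode()}"


class LoggingTcpProxy:
    """Accept connections on a local port, forward each to the real server,
    and record every chunk seen in either direction ("C->S" or "S->C")."""

    def __init__(self, target_host, target_port, listen_host="127.0.0.1", listen_port=0):
        self.target = (target_host, target_port)
        self.captured = []           # (direction, bytes) tuples in arrival order
        self._lock = threading.Lock()
        self._running = True
        self._sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self._sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self._sock.bind((listen_host, listen_port))   # port 0: let the OS pick
        self._sock.listen(5)
        self.listen_port = self._sock.getsockname()[1]
        threading.Thread(target=self._accept_loop, daemon=True).start()

    def _record(self, direction, data):
        with self._lock:
            self.captured.append((direction, data))

    def _pump(self, src, dst, direction):
        """Copy bytes src -> dst until src closes, logging each chunk."""
        try:
            while True:
                data = src.recv(4096)
                if not data:
                    break
                self._record(direction, data)
                dst.sendall(data)
        except OSError:
            pass
        finally:
            try:
                dst.shutdown(socket.SHUT_WR)   # propagate the half-close
            except OSError:
                pass

    def _handle(self, client):
        upstream = socket.create_connection(self.target)
        pumps = [
            threading.Thread(target=self._pump, args=(client, upstream, "C->S"), daemon=True),
            threading.Thread(target=self._pump, args=(upstream, client, "S->C"), daemon=True),
        ]
        for p in pumps:
            p.start()
        for p in pumps:
            p.join()
        client.close()
        upstream.close()

    def _accept_loop(self):
        while self._running:
            try:
                client, _ = self._sock.accept()
            except OSError:            # listening socket closed by close()
                break
            threading.Thread(target=self._handle, args=(client,), daemon=True).start()

    def close(self):
        self._running = False
        self._sock.close()


def start_echo_server():
    """Constructed stand-in for the real backend: answers 'OK ' + whatever it got."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            while True:
                chunk = conn.recv(4096)
                if not chunk:
                    break
                conn.sendall(b"OK " + chunk)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def run_demo(message=b"LOGIN alice\n"):
    """Send one constructed message through the proxy; return (reply, captured chunks)."""
    proxy = LoggingTcpProxy("127.0.0.1", start_echo_server())
    try:
        with socket.create_connection(("127.0.0.1", proxy.listen_port)) as c:
            c.sendall(message)
            reply = c.recv(4096)
    finally:
        proxy.close()
    with proxy._lock:
        return reply, list(proxy.captured)


if __name__ == "__main__":
    reply, captured = run_demo()
    for direction, data in captured:
        print(hexdump(direction, data))
    print("client saw:", reply)
```

To use it against an application under test, point the client at `127.0.0.1:<listen_port>` instead of the real server (a hosts-file entry or the client's own server setting) and read the `captured` list. The caveat for the port 80/443 case raised in the question: a plain forwarder like this only shows TLS ciphertext, so for HTTPS-speaking thick clients a TLS-terminating proxy that the client is configured to trust (the Fiddler setup mentioned above) is needed to see the requests.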
Re: Pentesting of Thick client and client-server applications Jun 07 2011 11:40AM
Irene Abezgauz (irene abezgauz gmail com) (1 replies)
Re: Pentesting of Thick client and client-server applications Jun 08 2011 01:05AM
AK (platsakos gmail com)
Copyright 2010, SecurityFocus