Thick client application

SeverineSeverine Member Posts: 33 ■■■□□□□□□□
in Cybersecurity Management

What is the best way to do security testing for a thick client application?

Tagged:
· Share on FacebookShare on Twitter

Comments

  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    It all depend on the situation, are you the dev of the application, or you took it on the internet and want to test it?

    I am not an expert.. but what you can do at least is:

    Capture network traffic while using the application
    Use Process monitor and see which file, reg key and so on is created, read, or modified

    Then you can also decompile/look at the code and so on, but it is more a dev job. 


    · Share on FacebookShare on Twitter
  • JDMurrayJDMurray Admin Posts: 13,088 Admin
    Are we doing your homework?
    Forum Admin at www.techexams.net
    --
    Credly
    LinkedIn
    Twitter
    · Share on FacebookShare on Twitter
  • SeverineSeverine Member Posts: 33 ■■■□□□□□□□
    Thanks, Steve for your reply.

    I have read that Thick client applications are more complicated and customized as compared to other web or mobile applications, due to which it is not easy to detect the vulnerabilities in them, and also the penetration testing approach for thick client applications is very different. Therefore, I was curious to know how to do security testing for a thick client application.

    · Share on FacebookShare on Twitter
  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    JDMurray said:
    Are we doing your homework?
    Maybe :smile:
    · Share on FacebookShare on Twitter
Sign In or Register to comment.