Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Forms D2K Application Testing

from [Deniz CEVIK] Network Security [Permanent Link]
Subject: Re: Forms D2K Application Testing
Date: Fri, 18 Apr 2008 09:24:52 +0200 
Hi,

Since POST or response data from web server could be binary format,
classic web application test approach like as you did may not be used
for GUI or swing based java applications. I generally download jar
file and try decompile with some tools and looking source codes to
find any vulnerability for this kind of applications.

On Thu, Apr 17, 2008 at 6:49 AM,  <iyer.anant.r@gmail.com> wrote:

Hello,


I need some in carrying out an application penetration testing of a Forms & 
D2K applications which are web-enabled. How does on intercept the traffic 
(like any HTTP Proxy)? Even though the application is web-enabled, the proxy 
I am using (WebScarab) does capture the data, but it does not make any sense 
( Am I missing out on some trick here?)


Any help will be  deeply appreciated.


Regards,


Anant Iyer

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Extreme Networks password hash, RB
Next by Date:  Re: Autorun programs from flash drive., Victor DaViking
Previous by Thread:  Forms D2K Application Testing, iyer . anant . r
Next by Thread:  Re: Forms D2K Application Testing, arvind doraiswamy
Indexes:  [Date] [Thread] [Top] [All Lists]