Re: Forms D2K Application Testing
- From: "Deniz CEVIK" <denizcev@xxxxxxxxx>
- Date: Fri, 18 Apr 2008 09:24:52 +0200
Hi,
Since POST or response data from web server could be binary format,
classic web application test approach like as you did may not be used
for GUI or swing based java applications. I generally download jar
file and try decompile with some tools and looking source codes to
find any vulnerability for this kind of applications.
On Thu, Apr 17, 2008 at 6:49 AM, <iyer.anant.r@xxxxxxxxx> wrote:
Hello,
I need some in carrying out an application penetration testing of a Forms & D2K applications which are web-enabled. How does on intercept the traffic (like any HTTP Proxy)? Even though the application is web-enabled, the proxy I am using (WebScarab) does capture the data, but it does not make any sense ( Am I missing out on some trick here?)
Any help will be deeply appreciated.
Regards,
Anant Iyer
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- Forms D2K Application Testing
- From: iyer . anant . r
- Forms D2K Application Testing
- Prev by Date: Re: Autorun programs from flash drive.
- Next by Date: Re: Forms D2K Application Testing
- Previous by thread: Forms D2K Application Testing
- Next by thread: Re: Forms D2K Application Testing
- Index(es):
Relevant Pages
|
|
