Re: Flash Web Application



Another great tool is SWFScan. It's provided by HP and requires registration, but is free.
http://www.hp.com/go/swfscan

I was introduced to this in a class, and was told that although other tools attempt to decompile the flash code, and can usually do a decent job, this tool was made using the actual Flash source so can truly decompile it accurately. It's easy to use and pretty cool.

Cheers,
Samantha

On 1/25/2010 at 8:58 PM, Zaki Akhmad <zakiakhmad@xxxxxxxxx> wrote:
Hello,

I want to learn pentesting flash web application. The authentication
also using flash. Any hint where I should start to pentest flash web
application?

Can I use webscarab to see what happen on the site?

--
Zaki Akhmad

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually
do a proper penetration test. IACRB CPT and CEPT certs require a full
practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • Re: Flash Web Application
    ... I want to learn pentesting flash web application. ... that showed off SWFScan, a free actionscript decompiler. ... I bet you break the application's authentication by tomorrow. ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Flash Web Application
    ... I want to learn pentesting flash web application. ... The authentication ... Any hint where I should start to pentest flash web ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Software to Correlate traffic from various devices
    ... Information Assurance Certification Review ... IACRB CPT and CEPT certs require ... a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Software to Correlate traffic from various devices
    ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Software to Correlate traffic from various devices
    ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)