|
Penetration Testing
mailing list archives
Re: Forms D2K Application Testing
From: "Deniz CEVIK" <denizcev () gmail com>
Date: Fri, 18 Apr 2008 09:24:52 +0200
Hi,
Since POST or response data from web server could be binary format,
classic web application test approach like as you did may not be used
for GUI or swing based java applications. I generally download jar
file and try decompile with some tools and looking source codes to
find any vulnerability for this kind of applications.
On Thu, Apr 17, 2008 at 6:49 AM, <iyer.anant.r () gmail com> wrote:
Hello,
I need some in carrying out an application penetration testing of a Forms & D2K applications which are web-enabled.
How does on intercept the traffic (like any HTTP Proxy)? Even though the application is web-enabled, the proxy I am
using (WebScarab) does capture the data, but it does not make any sense ( Am I missing out on some trick here?)
Any help will be deeply appreciated.
Regards,
Anant Iyer
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
