Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Flash Web Application
From: Justin Rogosky <jrogosky () gmail com>
Date: Wed, 27 Jan 2010 17:56:47 -0500

An inline proxy like webscarab may help, but another good tools is rat
proxy.  It comes with a flash decompiler called flare.  This allows you
to read the actionscript in the swf file.

In addition to the proxy, you may wish to run a sniffer on your system.
Flash is not limited to using http but can create raw socket connections
as well.  

--Justin



On Tue, 2010-01-26 at 09:58 +0700, Zaki Akhmad wrote:
Hello,

I want to learn pentesting flash web application. The authentication
also using flash. Any hint where I should start to pentest flash web
application?

Can I use webscarab to see what happen on the site?




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault