Penetration Testing mailing list archives
Re: Forms D2K Application Testing
From: "Deniz CEVIK" <denizcev () gmail com>
Date: Fri, 18 Apr 2008 09:24:52 +0200
Hi, Since POST or response data from web server could be binary format, classic web application test approach like as you did may not be used for GUI or swing based java applications. I generally download jar file and try decompile with some tools and looking source codes to find any vulnerability for this kind of applications. On Thu, Apr 17, 2008 at 6:49 AM, <iyer.anant.r () gmail com> wrote:
Hello, I need some in carrying out an application penetration testing of a Forms & D2K applications which are web-enabled. How does on intercept the traffic (like any HTTP Proxy)? Even though the application is web-enabled, the proxy I am using (WebScarab) does capture the data, but it does not make any sense ( Am I missing out on some trick here?) Any help will be deeply appreciated. Regards, Anant Iyer ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Forms D2K Application Testing iyer . anant . r (Apr 17)
- Re: Forms D2K Application Testing Deniz CEVIK (Apr 18)
- Re: Forms D2K Application Testing arvind doraiswamy (Apr 18)
- Re: Forms D2K Application Testing Rogan Dawes (Apr 18)