Penetration Testing mailing list archives
Re: Flash Web Application
From: Justin Rogosky <jrogosky () gmail com>
Date: Wed, 27 Jan 2010 17:56:47 -0500
An inline proxy like webscarab may help, but another good tools is rat proxy. It comes with a flash decompiler called flare. This allows you to read the actionscript in the swf file. In addition to the proxy, you may wish to run a sniffer on your system. Flash is not limited to using http but can create raw socket connections as well. --Justin On Tue, 2010-01-26 at 09:58 +0700, Zaki Akhmad wrote:
Hello, I want to learn pentesting flash web application. The authentication also using flash. Any hint where I should start to pentest flash web application? Can I use webscarab to see what happen on the site?
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Flash Web Application Zaki Akhmad (Jan 27)
- Re: Flash Web Application Justin Rogosky (Jan 28)
- Re: Flash Web Application Todd Haverkos (Jan 28)
- Re: Flash Web Application Samantha Fetter (Jan 28)
- Re: Flash Web Application Nikhil Wagholikar (Jan 28)