Re: Forms D2K Application Testing

["Deniz CEVIK" <denizcev () gmail com>]

Hi,

Since POST or response data from web server could be binary format,
classic web application test approach like as you did may not be used
for GUI or swing based java applications. I generally download jar
file and try decompile with some tools and looking source codes to
find any vulnerability for this kind of applications.

On Thu, Apr 17, 2008 at 6:49 AM,  <iyer.anant.r () gmail com> wrote:
> Hello,
>
>
> I need some in carrying out an application penetration testing of a Forms & D2K applications which are web-enabled. 
> How does on intercept the traffic (like any HTTP Proxy)? Even though the application is web-enabled, the proxy I am 
> using (WebScarab) does capture the data, but it does not make any sense ( Am I missing out on some trick here?)
>
>
> Any help will be  deeply appreciated.
>
>
> Regards,
>
>
> Anant Iyer
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------