Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Flash Web Application

From: Matthew McGuire <matthewmcguire5 () aol com>
Date: Wed, 3 Feb 2010 19:49:29 +0000


-----Original Message-----
From: Zaki Akhmad <zakiakhmad () gmail com>
Sent: Tuesday, February 02, 2010 12:12 PM
To: david lodge <resident.deity () gmail com>
Cc: pen-test () securityfocus com
Subject: Re: Flash Web Application

On Tue, Feb 2, 2010 at 6:17 PM, david lodge <resident.deity () gmail com> wrote:


Get a good flash disassembler. You can get flare and flasm for free
(open source), but these are limited to as2 and don't support as3. The
other alternatives are SoThink's SWFdecompiler and ASV (both
commercial). SWFscan from HP is good, but I've had varying success
from it and prefer to do it by hand :-)


What do you mean by "... to do it by hand"?

I can't get good source with SWFscan. Is it me the one who wrong and
didn't know how to do it with SWFscan or ...

-- 
Zaki Akhmad

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: