Penetration Testing mailing list archives
Re: Flash Web Application
From: "Samantha Fetter" <Samantha.Fetter () truevalue com>
Date: Wed, 27 Jan 2010 19:09:12 -0600
Another great tool is SWFScan. It's provided by HP and requires registration, but is free. http://www.hp.com/go/swfscan I was introduced to this in a class, and was told that although other tools attempt to decompile the flash code, and can usually do a decent job, this tool was made using the actual Flash source so can truly decompile it accurately. It's easy to use and pretty cool. Cheers, Samantha
On 1/25/2010 at 8:58 PM, Zaki Akhmad <zakiakhmad () gmail com> wrote:Hello, I want to learn pentesting flash web application. The authentication also using flash. Any hint where I should start to pentest flash web application? Can I use webscarab to see what happen on the site? -- Zaki Akhmad ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Flash Web Application Zaki Akhmad (Jan 27)
- Re: Flash Web Application Justin Rogosky (Jan 28)
- Re: Flash Web Application Todd Haverkos (Jan 28)
- Re: Flash Web Application Samantha Fetter (Jan 28)
- Re: Flash Web Application Nikhil Wagholikar (Jan 28)