WebApplication assessment issue

[<marcog () nettaxi com>]

Dear List,

We are currently working on a vulnerability Assessment based on the HTTP 
view of PeopleSoft’s Human Resource Module running in BEA Weblogic’s 
Application server. The application front-end is made by servlets running 
on a open source Web server/servlet engine, while the back-end is 
supported by a commercial DB.

Have anyone ever faced with this environment? Any suggestion on how reduce 
the assessment complexity?

 

Thanks in advance,

Marco