[Owasp-delhi] Thick client security testing

Neelu Tripathy neelu.tripathy at tcs.com
Tue Aug 17 04:11:05 EDT 2010


Hi Padma,
One of the basic tools that could be used to start with is ITR(Interactive 
TCP Relay).It acts as a proxy and can be used to intercept thick client 
communications. Had started working on this but could not continue. Let me 
know if you find some stuff.
 Liked a few links:
http://www.infosecwriters.com/text_resources/pdf/Thick_Client_Application_Security.pdf
http://palisade.plynt.com/issues/2006Mar/thick-client-attacks/

Regards,
Neelu Tripathy
Security Analyst,  TEG
Tata Consultancy Services




From:
padmasriramiyer at hsbc.co.in
To:
owasp-delhi at lists.owasp.org, owasp-delhi-bounces at lists.owasp.org
Date:
08/17/2010 12:53 PM
Subject:
[Owasp-delhi] Thick client security testing
Sent by:
owasp-delhi-bounces at lists.owasp.org




Hi guys, 

Can anyone please guide me how to proceed with security testing of Java 
application i.e. a thick client? 


Best regards, 
Padma Sriram Iyer 
Senior Security Analyst 
GLT Information Security Risk 
HSBC Technology and Services - Global Technology 
_______________________________________________________________________

Phone.     91 20 6642 2285
Tieline.     71 91 20 2285 
Email.       padmasriramiyer at hsbc.co.in 
_______________________________________________________________________

************************************************************
HSBC Software Development (India) Pvt Ltd
HSBC Center Riverside,West Avenue ,
25 B Kalyani Nagar Pune  411 006 INDIA

Telephone: +91 20 26683000
Fax: +91 20 26681030
************************************************************
----------------------------------------- 
******************************************************************* This 
e-mail is confidential. It may also be legally privileged. If you are not 
the addressee you may not copy, forward, disclose or use any part of it. 
If you have received this message in error, please delete it and all 
copies from your system and notify the sender immediately by return 
e-mail. Internet communications cannot be guaranteed to be timely, secure, 
error or virus-free. The sender does not accept liability for any errors 
or omissions. 
******************************************************************* "SAVE 
PAPER - THINK BEFORE YOU PRINT!" 
_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi


=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100817/c02cbf4b/attachment.html 


More information about the Owasp-delhi mailing list