[Owasp-delhi] Thick client security testing

Dharmesh M Mehta Dharmesh.Mehta at mastek.com
Tue Aug 17 07:16:18 EDT 2010


Hi Padma,

I have personally found Echo Mirage tool useful for security testing of a thick client application.
Like a proxy tool for testing web application, Echo Mirage can be used to intercept and modify the request from the client to the server and perform most of your validation related attacks.


Thanks & Regards,

Dharmesh Mehta, CISSP
Security Specialist - Technology Engineering & Consulting Group
Mastek Ltd | MNDC, MBP Mahape, Navi Mumbai, India | (T) 91 22 6791 4646 Extn - 5469 | Mobile: 91 9730002132
http://smartsecurity.blogspot.com<http://smartsecurity.blogspot.com/>

From: owasp-delhi-bounces at lists.owasp.org [mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of padmasriramiyer at hsbc.co.in
Sent: Tuesday, August 17, 2010 10:11 AM
To: owasp-delhi at lists.owasp.org; owasp-delhi-bounces at lists.owasp.org
Subject: [Owasp-delhi] Thick client security testing


Hi guys,

Can anyone please guide me how to proceed with security testing of Java application i.e. a thick client?


Best regards,
Padma Sriram Iyer
Senior Security Analyst
GLT Information Security Risk
HSBC Technology and Services - Global Technology
_______________________________________________________________________

Phone.     91 20 6642 2285
Tieline.     71 91 20 2285
Email.       padmasriramiyer at hsbc.co.in<mailto:padmasriramiyer at hsbc.co.in>
_______________________________________________________________________

************************************************************
HSBC Software Development (India) Pvt Ltd
HSBC Center Riverside,West Avenue ,
25 B Kalyani Nagar Pune  411 006 INDIA

Telephone: +91 20 26683000
Fax: +91 20 26681030
************************************************************
----------------------------------------- ******************************************************************* This e-mail is confidential. It may also be legally privileged. If you are not the addressee you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return e-mail. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. ******************************************************************* "SAVE PAPER - THINK BEFORE YOU PRINT!"


MASTEK LTD.
In the US, we're called MAJESCOMASTEK

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Opinions expressed in this e-mail are those of the individual and not that of Mastek Limited, unless specifically indicated to that effect. Mastek Limited does not accept any responsibility or liability for it. This e-mail and attachments (if any) transmitted with it are confidential and/or privileged and solely for the use of the intended person or entity to which it is addressed. Any review, re-transmission, dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. This e-mail and its attachments have been scanned for the presence of computer viruses. It is the responsibility of the recipient to run the virus check on e-mails and attachments before opening them. If you have received this e-mail in error, kindly delete this e-mail from desktop and server.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100817/ef839bc2/attachment-0001.html 


More information about the Owasp-delhi mailing list