

We began researching thick client application pentesting in order to eventually build an overarching methodology for pentesters: a single reference for everything to do with pentesting thick client applications, summarizing all the relevant and up-to-date knowledge on the subject. This blog post aims to provide a security checklist and a number of tools to refer to when assessing the security of Windows executable files, in order to achieve better pentest results. For example, here are a couple of vulnerabilities found by security researchers:

Unlike web application or infrastructure pentests, thick client pentests have a more notable success rate because the client is available locally and, hence, critical vulnerabilities may be found during the engagement. Thick client testing can be exciting for pentesters because the attack surface of these applications can be significant. Moreover, the process often requires specialized tools and a custom testing setup. Simple automated scanning is not sufficient; testing thick client applications requires a lot of patience and a methodical approach. Thick client pentesting involves both local and server-side processing, and these applications often use proprietary protocols for communication.

Due to the adoption of hybrid infrastructure architecture, thick-client applications can become a better target for attackers.

Thick client applications have been around for many years and can still be found within a variety of organizations – across industries and sizes.
