Discover the Critical Vulnerabilities in Your Thick Client Application
THICK CLIENT APPS RISK FACTOR
Thick client applications, also known as desktop applications, perform a substantial part of their processing on the user's machine rather than in a browser or on a server.
Simple automated scanning is not sufficient: testing a thick client requires a manual pentest that covers both the local component and the server-side processing, and it often has to deal with proprietary protocols used for communication between the two.
Thick clients usually remain functional without an Internet connection and act as a "client" only when they connect to their back-end server.
Because the server can push files and data to the client that were never part of the local installation, and because the binary, its configuration and its traffic are all under the attacker's control, such applications are highly exposed targets.
APPROACH
Our Approach
Certbar's team follows a security checklist and uses a range of tools when assessing the security of Windows executable files in order to achieve better pentest results. Thick client pentesting is a fast-moving area, so we follow an overarching methodology that also incorporates all relevant, up-to-date knowledge on the subject.
Thick client applications can be developed with a variety of languages and frameworks such as .NET, Java, C/C++, Microsoft Silverlight and more; the technology stack determines which tools apply (for example, dnSpy and ILSpy for .NET assemblies, native disassembly for C/C++ binaries).
Starting Checks (Information Gathering)
01. Static Tools
CFF Explorer, PEid, Detect It Easy (DIE), Strings, etc.
02. De-Obfuscators or Decompilers
dnSpy, ILSpy, JetBrains dotPeek, de4dot, NeonFuscator-Deobfuscator, etc.
03. Network Sniffers
Wireshark, TCPView, SmartSniff, tcpdump, Microsoft Network Monitor 3.4, etc.
04. Proxy Tools
Burp Suite, Fiddler, Echo Mirage, Charles Web Debugging Proxy, etc.
Methodology
Our holistic thick client penetration testing methodology is well equipped to discover security vulnerabilities as well as business logic vulnerabilities, using tailor-made security checklists based on industry standards including the OWASP Top Ten, PCI DSS and NIST SP 800-53.
Application Scoping
Mapping & Service Identification
Hardcoded Sensitive Information in Code
Application Scanning
Vulnerability Identification
Post Exploitation
DLL Hijacking
Lack of Code Obfuscation
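As an added example (not Certbar's tooling and not code from this page), the following Python script automates the first two Starting Checks and the methodology's "Hardcoded Sensitive Information in Code" check: it parses the PE headers the way CFF Explorer or DIE would, decides from the CLR data directory whether the target is a native or a .NET binary (and therefore whether dnSpy/ILSpy are the next tool), extracts ASCII and UTF-16LE strings the way `strings` does, and flags strings that look like secrets. The secret patterns, the minimal PE builder and the embedded connection string and AWS-style key are all constructed for the demonstration; point `triage()` at real bytes read from disk to use it on a target.

```python
import re
import struct

# Illustrative patterns for hardcoded secrets in extracted strings (assumed set;
# extend for the target's stack, e.g. OAuth client secrets, SMTP credentials).
SECRET_PATTERNS = {
    "connection_string": re.compile(r"(?i)\b(password|pwd)\s*=\s*[^;\s]+"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC )?PRIVATE KEY-----"),
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "url_with_credentials": re.compile(r"\b[a-z][a-z0-9+.-]*://[^/\s:@]+:[^@\s]+@"),
}


def pe_info(data: bytes) -> dict:
    """Parse the MZ/PE headers and report architecture and whether a CLR (.NET)
    header exists: data directory 14, IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER, 20 bytes
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                           # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:
        arch, dir_off = "PE32", 96            # data directories start at +96
    elif magic == 0x20B:
        arch, dir_off = "PE32+", 112          # ... or +112 for 64-bit images
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    ndirs = struct.unpack_from("<I", data, opt + dir_off - 4)[0]   # NumberOfRvaAndSizes
    clr_rva = clr_size = 0
    if ndirs > 14 and dir_off + 15 * 8 <= opt_size:
        clr_rva, clr_size = struct.unpack_from("<II", data, opt + dir_off + 14 * 8)
    return {"arch": arch, "machine": machine, "sections": nsections,
            "dotnet": clr_rva != 0 and clr_size != 0}


def extract_strings(data: bytes, min_len: int = 6) -> list:
    """Mimic `strings`: printable ASCII runs plus UTF-16LE runs, which is where
    .NET user strings and many Windows configuration values live."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    utf16_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [m.group().decode("ascii") for m in ascii_re.finditer(data)]
    found += [m.group().decode("utf-16le") for m in utf16_re.finditer(data)]
    return found


def find_secrets(strings) -> list:
    """Return (pattern_name, string) pairs for strings that look like secrets."""
    return [(name, s) for s in strings
            for name, pat in SECRET_PATTERNS.items() if pat.search(s)]


def triage(data: bytes) -> dict:
    """One-shot static triage: header facts, secret candidates, and which tool
    class from the Starting Checks to reach for next."""
    info = pe_info(data)
    info["secrets"] = find_secrets(extract_strings(data))
    info["next_step"] = ("managed code: decompile with dnSpy/ILSpy (de4dot first if obfuscated)"
                         if info["dotnet"] else
                         "native code: continue with CFF Explorer/DIE and a debugger")
    return info


def build_sample_pe(dotnet: bool, payload: bytes = b"") -> bytes:
    """Construct a minimal, non-executable PE32 image for testing (constructed
    data, not a real binary); headers follow the documented PE layout."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)          # i386, 1 section
    opt = struct.pack("<H", 0x10B).ljust(92, b"\0") + struct.pack("<I", 16)  # 16 directories
    dirs = bytearray(16 * 8)
    if dotnet:
        struct.pack_into("<II", dirs, 14 * 8, 0x2008, 72)                 # CLR header RVA/size
    return dos + b"PE\0\0" + coff + opt + bytes(dirs) + payload


# Constructed payload standing in for the .rdata / #US contents of a real binary.
SAMPLE_PAYLOAD = (b"\0" * 16
                  + b"Server=db01;User Id=app;Password=S3cr3t!;Encrypt=false"
                  + b"\0" * 8
                  + "AKIAIOSFODNN7EXAMPLE".encode("utf-16le")
                  + b"\0" * 8)

if __name__ == "__main__":
    for is_dotnet in (True, False):
        print(triage(build_sample_pe(is_dotnet, SAMPLE_PAYLOAD)))
```

The UTF-16LE pass matters in practice: a plain ASCII `strings` run over a .NET assembly misses the user-string heap entirely, which is exactly where connection strings and API keys tend to sit. A hit from `find_secrets` is a candidate, not a finding; confirm it in the decompiler before reporting it.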
Take control of your cyber security, choose our ultimate protection
Experience unbeatable cyber security with Certbar Security
Contact us today to learn more