Thick Client Pentesting Checklist

OWASP Based Checklist by Hariprasaanth R

Also available on Notion \

INFORMATION GATHERING

Information Gathering

Tools Used

GUI TESTING

Test For GUI Object Permission

Test GUI Content

Test For GUI Logic

Tools Used

FILE TESTING

Test For Files Permission

Test For File Continuity

Test For File Content Debugging

Test For File And Content Manipulation

Test For Function Exported

Test For Public Methods

Test For Decompile And Application Rebuild

Test For Decryption And DE obfuscation

Test For Disassemble and Reassemble

Tools Used

REGISTRY TESTING

Test For Registry Permissions

Test For Registry Contents

Test For Registry Manipulation

Tools Used

NETWORK TESTING

Test For Network

Tools Used

ASSEMBLY TESTING

Test For Assembly

Tools Used

MEMORY TESTING

Test For Memory Content

Test For Memory Manipulation

Test For Run Time Manipulation

Tools Used

TRAFFIC TESTING

Test For Traffic

Tools Used

COMMON VULNERABILITIES TESTING

Test For Common Vulnerabilities

Last updated