Difference between revisions of "OWASP Windows Binary Executable Files Security Checks Project"

From OWASP
Jump to: navigation, search
Line 9: Line 9:
 
==Thick Client Security Testing==
 
==Thick Client Security Testing==
  
===1. Information Gathering===
+
===Information Gathering===
  
====1.1. Application Architecture====
+
====Application Architecture====
  
====1.2. Platform Mapping====
+
====Platform Mapping====
  
====1.3. Languages and Frameworks====
+
====Languages and Frameworks====
  
===2. Client Side attacks===
+
==Client Side attacks===
  
====2.1. Files Analysis====
+
====Files Analysis====
  
====2.2. Binary Analysis====
+
====Binary Analysis====
  
====2.3. Memory Analysis====
+
====Memory Analysis====
  
===3. Network Side Attacks===
+
===Network Side Attacks===
  
====3.1. Installation Traffic====
+
====Installation Traffic====
  
====3.2. Run Time Traffic====
+
====Run Time Traffic====
  
===4. Server Side Attacks===
+
===Server Side Attacks===
  
====4.1. Network Layer Attacks====
+
====Network Layer Attacks====
  
====4.2. Layer 7 Attacks====
+
====Layer 7 Attacks====
  
 
= Project About =
 
= Project About =

Revision as of 10:23, 22 August 2013

This checklist represent a series of tests and the associated tools to perform the tasks related to thick client testing.

We define the thick client as a computer (client) in client–server architecture or networks that typically provides rich functionality independent of the central server. The focus of this checklist will be around PC/Windows architecture, although general concepts apply to all thick clients.

Contents

The Map

Thick client testing.jpg

Thick Client Security Testing

Information Gathering

Application Architecture

Platform Mapping

Languages and Frameworks

Client Side attacks=

Files Analysis

Binary Analysis

Memory Analysis

Network Side Attacks

Installation Traffic

Run Time Traffic

Server Side Attacks

Network Layer Attacks

Layer 7 Attacks

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Windows Binary Executable Files Security Checks Project (home page)
Purpose: The "Windows Binary Executable Files Security Checks" documentation project aims to provide a security check-list and tools necessary to assess the security of Windows executable files.
License: Creative Commons Attribution ShareAlike 3.0 License (best for documentation projects)
who is working on this project?
Project Leader(s):
  • Dan Vasile @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Dan Vasile @ to contribute to this project
  • Contact Dan Vasile @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases