Scribd Logo
Upload

Welcome to Scribd!

  • OWASP Pentesting Checklist

    Uploaded by

    Dodi Irawan
    45 views8 pages
    The document provides a checklist for thick client penetration testing with over 80 test cases organized into various sections like information gathering, GUI testing, file testing, registry testing, network testing, assembly testing, memory testing, and traffic testing. It includes identifying technologies, permissions, logic, content manipulation, decompile and rebuild, registry and memory manipulation tests. Recommended tools include CFF Explorer, Sysinternals Suite, UISpy, Winspy++, Strings, dnSpy, Procmon, Wireshark, and Burp Suite.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides a checklist for thick client penetration testing with over 80 test cases organized into various sections like information gathering, GUI testing, file testing, registry testing, network testing, assembly testing, memory testing, and traffic testing. It includes identifying technologies, permissions, logic, content manipulation, decompile and rebuild, registry and memory manipulation tests. Recommended tools include CFF Explorer, Sysinternals Suite, UISpy, Winspy++, Strings, dnSpy, Procmon, Wireshark, and Burp Suite.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    45 views8 pages

    OWASP Pentesting Checklist

    Uploaded by

    Dodi Irawan
    The document provides a checklist for thick client penetration testing with over 80 test cases organized into various sections like information gathering, GUI testing, file testing, registry testing, network testing, assembly testing, memory testing, and traffic testing. It includes identifying technologies, permissions, logic, content manipulation, decompile and rebuild, registry and memory manipulation tests. Recommended tools include CFF Explorer, Sysinternals Suite, UISpy, Winspy++, Strings, dnSpy, Procmon, Wireshark, and Burp Suite.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 8

    THICK CLIENT

    PENTESTING CHECKLIST

    OWASP Based Checklist 🌟🌟


    80+ Test Cases 🚀🚀

    /
    INFORMATION GATHERING

    om
    t.c
    1. Information Gathering

    po
    ☐ Find out the application architecture (two-tier or three-tier)

    gs
    ☐ Find out the technologies used (languages and frameworks)
    ☐ Identify network communication
    b lo
    h.

    ☐ Observe the application process


    a nt

    ☐ Observe each functionality and behavior of the application


    sa

    ☐ Identify all the entry points


    ra
    ip

    ☐ Analyze the security mechanism (authorization and authentication)


    ar
    //h

    2. Tools Used
    s:

    ☐ CFF Explorer
    tp


    ht

    Sysinternals Suite
    ☐ Wireshark
    ☐ PEid
    ☐ Detect It Easy (DIE)
    ☐ Strings
    GUI TESTING

    1. Test For GUI Object Permission


    ☐ Display hidden form object
    ☐ Try to activate disabled functionalities
    ☐ Try to uncover the masked password

    2. Test GUI Content


    ☐ Look for sensitive information

    /
    om
    t.c
    3. Test For GUI Logic

    po
    Try for access control and injection-based vulnerabilities

    gs
    ☐ Bypass controls by utilizing intended GUI functionality
    ☐ Check improper error handling
    b lo
    h.
    ☐ Check weak input sanitization
    nt

    ☐ Try privilege escalation (unlocking admin features to normal users)


    a
    sa

    ☐ Try payment manipulation


    ra
    ip

    4. Tools Used
    ar


    //h

    UISpy

    s:

    Winspy++
    tp

    ☐ Window Detective
    ht

    ☐ Snoop WPF
    FILE TESTING

    1. Test For Files Permission


    ☐ Check permission for each and every file and folder

    2. Test For File Continuity


    ☐ Check strong naming
    ☐ Authenticate code signing

    /
    om
    3. Test For File Content Debugging
    ☐ Look for sensitive information on the file system (symbols, sensitive

    t.c
    data, passwords, configurations)

    po
    ☐ Look for sensitive information on the config file

    gs
    ☐ Look for Hardcoded encryption data
    b lo

    h.
    Look for Clear text storage of sensitive data
    nt

    ☐ Look for side-channel data leakage


    a
    sa

    ☐ Look for unreliable log


    ra
    ip

    4. Test For File And Content Manipulation


    ar

    ☐ Try framework backdooring


    //h

    ☐ Try DLL preloading


    s:
    tp

    ☐ Perform Race condition check


    ht

    ☐ Test for Files and content replacement


    ☐ Test for Client-side protection bypass using reverse engineering

    5. Test For Function Exported


    ☐ Try to find the exported functions
    ☐ Try to use the exported functions without authentication
    6. Test For Public Methods
    ☐ Make a wrapper to gain access to public methods without authentication

    7. Test For Decompile And Application Rebuild


    ☐ Try to recover the original source code, passwords, keys
    ☐ Try to decompile the application
    ☐ Try to rebuild the application
    ☐ Try to patch the application

    /
    om
    8. Test For Decryption And DE obfuscation

    t.c
    ☐ Try to recover original source code

    po
    ☐ Try to retrieve passwords and keys

    gs
    ☐ Test for lack of obfuscation
    lo
    b
    h.

    9. Test For Disassemble and Reassemble


    nt

    ☐ Try to build a patched assembly


    a
    sa
    ra

    10. Tools Used


    ip

    ☐ Strings
    ar

    ☐ dnSpy
    //h


    s:

    Procmon
    tp

    ☐ Process Explorer
    ht

    ☐ Process Hacker
    REGISTRY TESTING

    1. Test For Registry Permissions


    ☐ Check read access to the registry keys
    ☐ Check to write access to the registry keys

    2. Test For Registry Contents


    ☐ Inspect the registry contents
    ☐ Check for sensitive info stored on the registry

    /
    om
    ☐ Compare the registry before and after executing the application

    t.c
    po
    3. Test For Registry Manipulation

    gs
    ☐ Try for registry manipulation
    ☐ lo
    Try to bypass authentication by registry manipulation
    b
    h.

    ☐ Try to bypass authorization by registry manipulation


    nt
    a
    sa

    4. Tools Used

    ra

    Regshot
    ip

    ☐ Procmon
    ar


    //h

    Accessenum
    s:
    tp
    ht
    NETWORK TESTING

    1. Test For Network


    ☐ Check for sensitive data in transit
    ☐ Try to bypass firewall rules
    ☐ Try to manipulate network traffic

    2. Tools Used
    ☐ Wireshark

    /
    om
    ☐ TCPview

    t.c
    po
    ASSEMBLY TESTING

    gs
    1. Test For Assembly b lo
    ☐ Verify Address Space Layout Randomization (ASLR)
    h.


    nt

    Verify SafeSEH
    a

    ☐ Verify Data Execution Prevention (DEP)


    sa


    ra

    Verify strong naming


    ip

    ☐ Verify ControlFlowGuard
    ar


    //h

    Verify HighentropyVA
    s:
    tp

    2. Tools Used
    ht

    ☐ PESecurity
    MEMORY TESTING

    1. Test For Memory Content


    ☐ Check for sensitive data stored in memory

    2. Test For Memory Manipulation


    ☐ Try for memory manipulation
    ☐ Try to bypass authentication by memory manipulation
    ☐ Try to bypass authorization by memory manipulation

    /
    om
    t.c
    3. Test For Run Time Manipulation

    po
    Try to analyze the dump file

    gs
    ☐ Check for process replacement
    ☐ lo
    Check for modifying assembly in the memory
    b
    h.
    ☐ Try to debug the application
    nt

    ☐ Try to identify dangerous functions


    a
    sa

    ☐ Use breakpoints to test each and every functionality


    ra
    ip

    4. Tools Used
    ar


    //h

    Process Hacker

    s:

    HxD
    tp

    ☐ Strings
    ht
    TRAFFIC TESTING

    1. Test For Traffic


    ☐ Analyze the flow of network traffic
    ☐ Try to find sensitive data in transit

    2. Tools Used
    ☐ Echo Mirage
    ☐ MITM Relay

    /
    om
    ☐ Burp Suite

    t.c
    po
    COMMON VULNERABILITIES TESTING

    gs
    1. Test For Common Vulnerabilities
    lo
    b
    ☐ Try to decompile the application
    h.


    nt

    Try reverse engineering


    a

    ☐ Try to test with OWASP WEB Top 10


    sa


    ra

    Try to test with OWASP API Top 10


    ip

    ☐ Test for DLL Hijacking


    ar


    //h

    Test for signature checks (Use Sigcheck)


    s:

    ☐ Test for binary analysis (Use Binscope)


    tp

    ☐ Test for business logic errors


    ht

    ☐ Test for TCP/UDP attacks


    ☐ Test with automated scanning tools (Use Visual Code Grepper - VCG)

    You might also like