This course introduces students to the penetration testing concepts associated with Thick Client Applications. This is an entry level to intermediate level course and we encourage you to take this course if you are interested to learn Thick Client Application Security. This course uses a modified version of vulnerable Thick Client Application called DVTA to demonstrate how thick client application vulnerabilities can be identified and exploited. This course teaches you a variety of Thick Client Application security concepts such as Information Gathering, Traffic Analysis, Reversing & Patching .NET binaries, Insecure Data Storage, Decrypting encrypted secrets, Privilege Escalation etc. This course acts as a great introduction to spotting and exploiting vulnerabilities in windows executables. Though the course focuses on windows executable files specifically C# .NET binaries, the concepts remain the same for executables of any platform.
What do you learn?
Learn practical thick client application penetration testing techniques
How to reverse engineer .NET binaries
Students will learn how to patch .NET binaries
How to identify and exploit common security issues in 2-tier applications
Learn multiple ways to intercept TCP traffic coming from thick client apps
Get real world thick client application penetration testing experience
Learn how to use several thick client application penetration testing tools
A computer with administrative access, if you want to follow the hands-on exercises.
It is good to have some security background, but not mandatory.
Who is this course for?
Bug bounty hunters
Red Team Operators
Anyone interested in application security