Thick Client Security Assessment

Thick clients, also known as heavy clients, are full-featured applications that are usually used within a network. They do not require a server to run and can be used offline. Data is usually fetched from a server; however, if the server is offline, the application will still run.

Thick Client Pentest Checklist:

  • 1. Check for secure communication.
  • 2. Check registry snapshots taken before and after installation.
  • 3. Check for stored credentials in config files.
  • 4. Check process memory for unencrypted credentials.
  • 5. Check DEP and ASLR status.
  • 6. Check for DLL injection for .NET apps.
  • 7. Decompile the executable.
  • 8. Perform dynamic analysis with Echo Mirage and Burp Suite.

Tools used for thick client (TC) assessment: Echo Mirage, Burp Suite, Procmon, Process Explorer, dnSpy, ILSpy.

Copyright @2021 The Security Owl. All Rights Reserved. Designed By Innobayt Solutions