Re: Flash Web Application

[Nikhil Wagholikar <visitnikhil () gmail com>]

Hello Zaki Akhmad,

Here are few links you can look for pen testing flash web application:

http://www.owasp.org/index.php/Category:OWASP_Flash_Security_Project
http://www.darknet.org.uk/2008/02/swfintruder-analysis-and-security-testing-of-flash-applications/
http://osflash.org/pipermail/autotestflash_osflash.org/2005-July/000002.html
http://www.softwareqatest.com/qatweb1.html
Flash Parameter Injection -blog.watchfire.com/FPI.ppt

Hope this helps!

---
Nikhil Wagholikar
Practice Lead  | Security Assessments & Digital Forensics
Network Intelligence India Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Training
http://iisecurity.in/courses/Training Calendar.html

On 26 January 2010 08:28, Zaki Akhmad <zakiakhmad () gmail com> wrote:
> Hello,
>
> I want to learn pentesting flash web application. The authentication
> also using flash. Any hint where I should start to pentest flash web
> application?
>
> Can I use webscarab to see what happen on the site?
>
> --
> Zaki Akhmad
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------