About Course

This course introduces students to the penetration testing concepts associated with Thick Client Applications. This is an entry level to intermediate level course and we encourage you to take this course if you are interested to learn Thick Client Application Security. This course uses a modified version of vulnerable Thick Client Application called DVTA to demonstrate how thick client application vulnerabilities can be identified and exploited. This course teaches you a variety of Thick Client Application security concepts such as Information Gathering, Traffic Analysis, Reversing & Patching .NET binaries, Insecure Data Storage, Decrypting encrypted secrets, Privilege Escalation etc. This course acts as a great introduction to spotting and exploiting vulnerabilities in windows executables. Though the course focuses on windows executable files specifically C# .NET binaries, the concepts remain the same for executables of any platform.

What do you learn?

Learn practical thick client application penetration testing techniques

How to reverse engineer .NET binaries

Students will learn how to patch .NET binaries

How to identify and exploit common security issues in 2-tier applications

Learn multiple ways to intercept TCP traffic coming from thick client apps

Get real world thick client application penetration testing experience

Learn how to use several thick client application penetration testing tools

Prerequisite

A computer with administrative access, if you want to follow the hands-on exercises.

It is good to have some security background, but not mandatory.

Who is this course for?

Bug bounty hunters

Penetration Testers

Security Auditors

Red Team Operators

.Net Developers

Anyone interested in application security