We have a lot of security testing for web applications. However, from a security testing point of view, what are the types or categories of Windows Application Testing. For example, according to OWASP, the top ten security vulnerabilities (test that we can perform on a web app) are:
- Unvalidated Parameters
- Broken Access Control
- Broken Account and Session Management
- Cross-Site Scripting (XSS) Flaws
- Buffer Overflows
- Command Injection Flaws
- Error Handling Problems
- Insecure Use of Cryptography
- Remote Administration Flaws
- Web and Application Server Misconfiguration
Is there any classification for Windows application similar to web apps?
Thanks in advance.
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor
[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n