.

Windows Application Testing - Various Types / Categories of Testing?

<<

morpheus063

User avatar

Sr. Member
Sr. Member

Posts: 393

Joined: Sun Jun 25, 2006 10:08 am

Location: Cochin - India

Post Wed Aug 05, 2009 12:12 pm

Windows Application Testing - Various Types / Categories of Testing?

Hi All,

We have a lot of security testing for web applications. However, from a security testing point of view, what are the types or categories of Windows Application Testing. For example, according to OWASP, the top ten security vulnerabilities (test that we can perform on a web app) are:

  • Unvalidated Parameters
  • Broken Access Control
  • Broken Account and Session Management
  • Cross-Site Scripting (XSS) Flaws
  • Buffer Overflows
  • Command Injection Flaws
  • Error Handling Problems
  • Insecure Use of Cryptography
  • Remote Administration Flaws
  • Web and Application Server Misconfiguration

Is there any classification for Windows application similar to web apps?

Thanks in advance.
Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Sun Aug 09, 2009 8:56 pm

Re: Windows Application Testing - Various Types / Categories of Testing?

The Mitre/SANS top 25 list might be the closest thing, but it does include web based attacks.
http://cwe.mitre.org/top25/
twitter.com/timmedin | http://blog.securitywhole.com

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software