SANS Penetration Testing: Daily Archives: Oct 18, 2011

Tips for Fat Client, Web App, and Mobile Pen Testing Serialized Object Communication Using the Burp Suite

[A couple of weeks ago on the GPWN mailing list open to alums of SANS Pen Test courses, there was a discussion about attacking fat client, web apps, and mobile applications using Java Serialized Objects communicating with a back-end server. Miika Turkia posted a response to some questions there about an approach to altering the … Continue reading Tips for Fat Client, Web App, and Mobile Pen Testing Serialized Object Communication Using the Burp Suite