Thick client applications — desktop software, native Windows/Mac applications, and client-server architectures — face security challenges distinct from web applications: business logic may execute client-side (and can be reverse-engineered or manipulated), data may be stored locally (in files, registries, or local databases), communication with backend servers may use custom protocols, and the application binary itself can be analysed and modified. Testing covers: binary analysis and reverse engineering, local data storage security, network communication interception and manipulation, authentication and session handling, client-side validation bypass, DLL hijacking and injection, and memory analysis for sensitive data exposure.
Technical | 2027-02-22
Thick Client Application Security Testing: Desktop and Native Application Assessment for Thai Organizations
Desktop and native applications face different threats from web apps. Testing covers client-side logic, local storage, and communication security. Guidance for the Thai market.