Comments on: A Lazy Pen Tester’s Guide to Testing Flash Applications

By: Flash vs Silverlight

Flash vs Silverlight — Fri, 27 Aug 2010 18:23:23 +0000

A good topic to share. In my view using Flash application is not a good deal now a days because Microsoft has lunched silverlight which is good comparison for flash

By: John Gag

John Gag — Wed, 28 Jul 2010 16:45:24 +0000

Great article with loads of information. Thanks again!

By: babor hossain

babor hossain — Sat, 19 Jun 2010 06:53:51 +0000

Most important post .Thanks for sharing

By: シティゴールド

シティゴールド — Thu, 20 May 2010 07:22:18 +0000

I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I’ll be subscribin

By: Penetration Test

Penetration Test — Sun, 14 Mar 2010 07:58:32 +0000

One of the most comprehensive lists I have seen.

By: Open Source Flash#5: AS3 Sockets and Security | Mtdjing

Open Source Flash#5: AS3 Sockets and Security | Mtdjing — Thu, 25 Feb 2010 02:31:12 +0000

[...] Regarding Flash/AS3… Well they did not design a secure system thats for sure. But this post is more to discuss the Socket implementation and some minor aspects that might help those in need, rather than reflecting upon security on flash (take a look at this if you’re on that page and test your apps firmly, like this). [...]

By: smith White

smith White — Tue, 23 Feb 2010 00:30:31 +0000

Hi,

interesting post and thanks for sharing Underestimating risk is a constant threat in security .About penetration testing read more here

http://www.eccouncil.org/certification/licensed_penetration_tester.aspx

Smith

By: Prathamesh

Prathamesh — Thu, 18 Feb 2010 17:27:13 +0000

@ Original comment:

Forgot mention that i need an elaboration on server side testing.

By: Prathamesh

Prathamesh — Thu, 18 Feb 2010 17:25:41 +0000

Hi Rudrak,

Your article is very nice, I am confused about one thing. When I went through the article. I saw that so far I am doing only client side testing for Flash. If you can elaborate on this, I am also confused about AMF.

Thanks in advance,
Prathamesh

By: Bookmarks for January 17th through February 15th at Ed Smiley’s Blog

Bookmarks for January 17th through February 15th at Ed Smiley’s Blog — Tue, 16 Feb 2010 03:04:29 +0000

[...] Testing Flash Applications | A Lazy Pen Tester’s Guide – While there are some tools and white papers available, I could not find many authoritative resources which wraps the entire spectrum of flash security testing of RIA applications. So here is an endeavor to detail out the steps of testing. I will keep this post only to outline the essential steps or points. [...]