Fat Client Security Testing

Not every application that communicates with a server runs as a light-weight frontend in your browser. Applications that communicate with a server, but execute a large number of calculations and processes on the client are called Fat Client Applications or Thick Client Applications. This includes, for instance, applets, internet-of-things devices (IoT devices) or smart home devices.

Testing Fat (Thick) Client Applications differs from testing of normal web applications in a few aspects. Special emphasis has to be placed on the client-side and its logic. For that, the device itself or platform specific features and properties have to be taken into account.

We can help you with:

  • Analysis of network communication (HTTP, TCP, …), local files as well as the behaviour of the application during the installation and runtime
  • Binary analysis (by decompiling the code and general analysis/debugging of other executable files)
  • Source code analysis if the code is not available
  • Storage analysis
  • Extensive report with proposed measures in your desired format
Fat Client Security Testing

See also:

Static code analysis can be a supplement or alternative to penetration testing:

Additional information:

The Big Application Security Penetration Testing FAQ for Clients provides answers to many important questions concerning the commissioning of penetration tests.

Maximiliane Zirm

Your Contact:

Maximiliane Zirm

Contact us via email.
Or call us or use our special contact form.