Thick client Test cases

INFORMATION GATHERING
Information Gathering

•  Find out the application architecture (two-tier or three-tier)

•  Find out the technologies used (languages and frameworks)

•  Identify network communication

•  Observe the application process

•  Observe each functionality and behavior of the application

•  Identify all the entry points

•  Analyze the security mechanism (authorization and authentication)

Tools Used

•  CFF Explorer

•  Sysinternals Suite

•  Wireshark

•  PEid

•  Detect It Easy (DIE)

•  Strings

GUI TESTING
Test For GUI Object Permission

•  Display hidden form object

•  Try to activate disabled functionalities

•  Try to uncover the masked password

Test GUI Content

•  Look for sensitive information

Test For GUI Logic

•  Try for access control and injection-based vulnerabilities

•  Bypass controls by utilizing intended GUI functionality

•  Check improper error handling

•  Check weak input sanitization

•  Try privilege escalation (unlocking admin features to normal users)

•  Try payment manipulation

Tools Used

•  UISpy

•  Winspy++

•  Window Detective

•  Snoop WPF

FILE TESTING
Test For Files Permission

•  Check permission for each and every file and folder

Test For File Continuity

•  Check strong naming

•  Authenticate code signing

Test For File Content Debugging

•  Look for sensitive information on the file system (symbols, sensitive data, passwords, configurations)

•  Look for sensitive information on the config file

•  Look for Hardcoded encryption data

•  Look for Clear text storage of sensitive data

•  Look for side-channel data leakage

•  Look for unreliable log

Test For File And Content Manipulation

•  Try framework backdooring

•  Try DLL preloading

•  Perform Race condition check

•  Test for Files and content replacement

•  Test for Client-side protection bypass using reverse engineering

Test For Function Exported

•  Try to find the exported functions

•  Try to use the exported functions without authentication

Test For Public Methods

•  Make a wrapper to gain access to public methods without authentication

Test For Decompile And Application Rebuild

•  Try to recover the original source code, passwords, keys

•  Try to decompile the application

•  Try to rebuild the application

•  Try to patch the application

Test For Decryption And DE obfuscation

•  Try to recover original source code

•  Try to retrieve passwords and keys

•  Test for lack of obfuscation

Test For Disassemble and Reassemble

•  Try to build a patched assembly

Tools Used

•  Strings

•  dnSpy

•  Procmon

•  Process Explorer

•  Process Hacker

REGISTRY TESTING
Test For Registry Permissions

•  Check read access to the registry keys

•  Check to write access to the registry keys

Test For Registry Contents

•  Inspect the registry contents

•  Check for sensitive info stored on the registry

•  Compare the registry before and after executing the application

Test For Registry Manipulation

•  Try for registry manipulation

•  Try to bypass authentication by registry manipulation

•  Try to bypass authorization by registry manipulation

Tools Used

•  Regshot

•  Procmon

•  Accessenum

NETWORK TESTING
Test For Network

•  Check for sensitive data in transit

•  Try to bypass firewall rules

•  Try to manipulate network traffic

Tools Used

•  Wireshark

•  TCPview

ASSEMBLY TESTING
Test For Assembly

•  Verify Address Space Layout Randomization (ASLR)

•  Verify SafeSEH

•  Verify Data Execution Prevention (DEP)

•  Verify strong naming

•  Verify ControlFlowGuard

•  Verify HighentropyVA

Tools Used

•  PESecurity

MEMORY TESTING
Test For Memory Content

•  Check for sensitive data stored in memory

Test For Memory Manipulation

•  Try for memory manipulation

•  Try to bypass authentication by memory manipulation

•  Try to bypass authorization by memory manipulation

Test For Run Time Manipulation

•  Try to analyze the dump file

•  Check for process replacement

•  Check for modifying assembly in the memory

•  Try to debug the application

•  Try to identify dangerous functions

•  Use breakpoints to test each and every functionality

Tools Used

•  Process Hacker

•  HxD

•  Strings

TRAFFIC TESTING
Test For Traffic

•  Analyze the flow of network traffic

•  Try to find sensitive data in transit

Tools Used

•  Echo Mirage

•  MITM Relay

•  Burp Suite

COMMON VULNERABILITIES TESTING
Test For Common Vulnerabilities

•  Try to decompile the application

•  Try for reverse engineering

•  Try to test with OWASP WEB Top 10

•  Try to test with OWASP API Top 10

•  Test for DLL Hijacking

•  Test for signature checks (Use Sigcheck)

•  Test for binary analysis (Use Binscope)

•  Test for business logic errors

•  Test for TCP/UDP attacks

•  Test with automated scanning tools (Use Visual Code Grepper - VCG)