On which aspects i should put more emphasis for Security Testing of the Desktop Based Application?

Question

I am testing one Desktop based client server application. I want to perform a Security test of that application.

Can anybody explain me which points i can consider while performing Security Test of the Desktop application?

Answer 1

Testing of desktop application is easier than web application as there are less users than web applications.

Followings are two important point that you need to keep in mind during security testing of desktop application

• Test user’s rights and roles-authorized person should allow to login

• Test security of data or information stored in application.

Answer 2

Security testing on Desktop application is not that much easy task, in market we can't find the proper free tools like web application tools

for java based desktop application use JavaSnoop tool and proxy tool

for .Net based desktop application use echo-mirage and proxy tools

the test cases are quite simple 1. System testing: verification of registries, files and logs 2. Static testing: de-compile the files and do code-review, Gendarme tool is perfect - do memory dump analysis 3. Dynamic testing: verify the communication

i hope this will help you