Thick client assessment: local data storage, inter-process communication, traffic interception, DLL/binary protections, and privilege handling.
68 checks · progress and notes saved in your browser
Establish visibility into the thick-client application: intercept and analyze its traffic, fingerprint its underlying framework and architecture, and inspect both HTTP and non-HTTP protocols before deeper testing.
Examine how the client persists data locally: configuration files, the Windows registry, embedded databases, and cached credentials or tokens that may expose secrets to a local attacker.
Analyze the running process and compiled binary: secrets in memory, exploit-mitigation flags, DLL hijacking exposure, and anti-tamper / anti-debug defenses.
Test inter-process communication channels and the update mechanism: named pipes, COM/DCOM/RPC interfaces, and the integrity of the software update path.
Test the application trust model: client-side authentication and licensing that can be patched or bypassed, process/service privilege configuration, and hardcoded credentials or keys.