Is there any way to intercept thick client application traffic?
Another problem I am facing is, if the application is using windows domain authentication (NTLM Authentication), the TCP traffic will then be encrypted. Is there any way to see the plain text traffic and modify the data before it’s sent to server (just like how Burp did it for HTTPS traffic)?
Which is a proxy tool for thick client applications?
Mallory is a proxy tool that can intercept TCP and UDP traffic and can be used to capture network traffic or thick client applications using both HTTP (S) and non-HTTP (S) traffic. In manycases, the above mentioned tools like Echo Mirage get hanged due to heavy network traffic and become difficult to test. Mallory comes to the rescue in such cases.
How to do traffic analysis for thick client penetration testing?
Step 1: Ping the url you have got for testing (say www.thickclienturl.com) Step 2: Note the reply ip address you get in the cmd console. Step 3: Now we need to know on which ports is the application interacting to send traffic. Now launch wireshark and activate it to capture active packets.
Is there a thick client application for pentesting?
Has anyone come across a thick client application for pentesting, or know whether there is any software that can work as an interceptor proxy like Burp Suite for thick client applications? I am looking for a tool that is not only able to intercept http traffic but also tcp traffic. I have done some searching on google and found Mallory.
How is Burp used in thick client applications?
The BURP proxy tool can be used in invisible proxy mode to intercept the request from non-proxy-aware thick client applications (HTTP/HTTPS traffic only). Mallory is a proxy tool that can intercept TCP and UDP traffic and can be used to capture network traffic or thick client applications using both HTTP (S) and non-HTTP (S) traffic.