JNLP Application Security Assessment – Part 4 : Dynamic analysis

The post has moved. You can find the complete post in:

http://www.pigadas.com/blog/2011/09/24/jnlp-application-security-assessment-%e2%80%93-part-4-dynamic-analysis/

 

5 responses to “JNLP Application Security Assessment – Part 4 : Dynamic analysis

  1. Pingback: JNLP Application Security Assessment – Setting the scene « ran(d|t)()

  2. Luca September 28, 2011 at 6:43 am

    Enjoyed the post! You may have a look at this as well: http://blog.nibblesec.org/2009/04/client-side-code-execution-via-jnlp.html

    Cheers,
    Luca

    • zqyves September 28, 2011 at 12:13 pm

      Hello Luca,

      I am glad you enjoyed the posts.

      Yeah, I chose not to include this attack vector in the posts mainly because it is a problem of the underlying java (in its implementation of the jnlp application execution protocol) rather than a problem of a jnlp application itself.

      Best regards,
      ./Z

  3. Neil December 15, 2011 at 5:29 am

    Great series of posts… I would check out JavaSnoop as well for dynamic analysis of Java applications (https://www.aspectsecurity.com/research/appsec_tools/javasnoop/).

    – nb

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: