Course Overview

In the world of cybersecurity, understanding how to secure thick client applications is vital. This course provides a hands-on approach to penetration testing of thick client apps, focusing on the unique challenges and techniques involved in testing these types of applications. You'll gain practical experience in exploiting vulnerabilities, performing traffic analysis, reverse engineering, and launching various attacks on thick clients.

This course begins with setting up the necessary lab environment for testing thick client applications, with a step-by-step guide through the lab setup process. You will then move on to information gathering and vulnerability scanning using tools such as CFF Explorer and the Sysinternals Suite. From there, the course covers performing traffic analysis using Wireshark, BurpSuite, and MITM relays, followed by various client-server attack techniques, including privilege escalation, SQL injection, and memory-based attacks. Additionally, you will dive into reverse engineering using tools like Dotpeek, DnSpy, and ILSpy. The course wraps up with advanced techniques, such as forensic investigation and source code scanning.

By the end of this course, you will have gained the skills to effectively assess and penetrate thick client applications, making you proficient in reverse engineering, traffic analysis, and executing various attack vectors.

The necessary resources for this course are in the "Resources" section of Video 1.1. You can also access them through this direct link - https://github.com/ec-council-learning/Thick-Client-Penetration-Testing

What You Will Learn

  • How to set up and configure a lab environment for penetration testing of thick client applications.
  • Techniques for performing information gathering and vulnerability scanning using tools like CFF Explorer and Sysinternals Suite.
  • Methods for analyzing traffic and conducting network attacks using Wireshark, BurpSuite, and MITM relay.
  • How to execute advanced client and server attacks including privilege escalation, SQL injection and memory-based attacks.
  • The fundamentals of reverse engineering thick client applications using Dotpeek, DnSpy, ILSpy, and other essential tools.

Program Curriculum

  • Introduction
  • Lab Setup – Part 1
  • Lab Setup – Part 2
  • Lab Setup – Part 3
  • Chapter 1 Quiz

  • Using CFF Explorer
  • Using Process Monitor
  • Using Sysinternals Suite
  • Vulnerability Scanning
  • Chapter 2 Quiz

  • Traffic Analysis Using BurpSuite and MITM Relay
  • Traffic Analysis Using Echo Mirage
  • Traffic Analysis Using Wireshark
  • Chapter 3 Quiz

  • Dumping Connection String from Memory
  • Privilege Escalation
  • SQL Injection Attack
  • Chapter 4 Quiz

  • Using DnSpy
  • Using Dotpeek
  • Using ILSpy and Reflexil
  • Chapter 5 Quiz

  • Forensic Investigation
  • Side Channel Data Leak
  • Chapter 6 Quiz

  • About Other Attacks
  • Summary

Instructor

Sunil Gupta

A computer programmer and cybersecurity expert, Sunil Gupta consults in information technology with a focus on cybersecurity. He is an invited speaker for and a member of many key organizations. Sunil is a technology visionary and cybersecurity professional who thrives on solving complex problems. His career highlights include working with various companies, organizations and products. He is passionate about customer service and his role as a cybersecurity expert, and always exceeds his clients’ expectations. Sunil performs leading-edge security consulting and works in research and development as a security expert to advance the state of the art in information systems security.

Join over 1 Million professionals from the most renowned Companies in the world!

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering video-based learning with 700+ courses and diverse Learning Paths to enhance your skills.

$ 69.00
Billed monthly or $499.00 billed annually

What is included

  • 700+ Premium Short Courses
  • 50+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

$ 79.00
Billed monthly or $699.00 billed annually

Everything in Pro and

  • 800+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
  • 3 Official EC-Council Essentials Certifications¹ (retails at $897!)
    Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.
