Thick Client Security-Sensitive Info In Memory

In majority of cases information stored in memory won’t be encrypted. This unencrypted information might reveal sensitive data of particular thick client application. By using “Process Hacker” tool we can check for sensitive data stored in memory.

Steps to test:

Step 1: Download & install the “Process Hacker” tool from below link

Step 2: Login to thick client application and browse through all the functionalities. Open “process hacker” tool and look for .EXE files of thick client application which you are testing.

Step 3: Navigate to properties of .exe file(thick client which you are testing),select memory as shown in above screenshot. Now under memory select strings. Inside strings look for any sensitive information like Passwords, Pins, Internal API endpoints, tokens etc.

Remediation: Sensitive Information should be encrypted, If encryption not possible use Obfuscation techniques, take a call based on severity of application.

!! Happy Learning !!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store