Client side penetration testing is used to discover vulnerabilities or security weaknesses in client side applications.
These could be a program or applications such as Putty, email clients, web browsers (i.e. Chrome, Firefox, Safari, etc.), Macromedia Flash, and others. Programs like Adobe Photoshop and the Microsoft Office Suite are also subject to testing.
How reliable is the security posture of an organization?
Are there any vulnerabilities?
What harm can an attacker do by exploiting these vulnerabilities?
How can a malicious actor exploit a vulnerability?
Are the access rights and privileges for employees set correctly?
How can the detected weak points be closed in an economical and sensible way?
Client-side tests are performed to identify specific cyber attacks including:
Cross-Site Scripting Attacks
Clickjacking Attacks
Cross-Origin Resource Sharing (CORS)
Form Hijacking
HTML Injection
Open Redirection
Malware Infection