# Standards — Thick Client Application Penetration Testing ## Frameworks - OWASP Thick Client Top 10: https://owasp.org/www-project-thick-client-top-10/ - PTES Application Security: http://www.pentest-standard.org/ - CWE Top 25: https://cwe.mitre.org/top25/ ## OWASP Thick Client Top 10 1. Improper Platform Usage 2. Insecure Data Storage 3. Insecure Communication 4. Insecure Authentication 5. Insufficient Cryptography 6. Insecure Authorization 7. Client Code Quality 8. Code Tampering 9. Reverse Engineering 10. Extraneous Functionality