.NET Penetration Testing

From OWASP
Jump to: navigation, search
.NET Security Quick Reference

.NET Penetration Testing

Plan, Discover, Attack and Report - this section is for tools, checklists and references for penetration testing .NET web applications and services.

Areas of Concern

  • Planning the hack
  • Ethically hacking
  • Attack Vectors
  • Intelligence gathering
  • Reporting

Blogs, Articles & Projects

OWASP .NET Vulnerability Research

Microsoft SDL (Secure Development Lifecycle)

.NET CORE Security

Microsoft Security Research Center (MSRC)

References

Rooting the CLR (Draft)

NIST 800-42 Guideline on Network Security Testing

ISECOM Open Source Security Testing Methodology Manual

OISSG Information Systems Security Assessment Framework (ISSAF)

Tools

Source Code Audit Tools