Difference between revisions of ".NET Penetration Testing"

From OWASP
Jump to: navigation, search
m (Online Media (Podcasts, Webcasts, Presentations, eBooks etc.))
 
(5 intermediate revisions by one user not shown)
Line 21: Line 21:
 
*Reporting
 
*Reporting
  
===Articles===
+
===Blogs, Articles & Projects===
 +
[[OWASP .NET Vulnerability Research]]
  
 +
[http://blogs.msdn.com/hackers/ MSDN Hackers]
 +
 +
[http://msdn.microsoft.com/en-us/magazine/cc507646.aspx MSDN Magazine: Security Briefs: Penetration Testing]
 +
 +
[http://blogs.microsoft.co.il/blogs/alikl/archive/2006/12/29/Wrong-Way-To-Do-Penetration-Testing.aspx Wrong Way to Do Penetration Testing]
 +
 +
===Online Media (Podcasts, Webcasts, Presentations, eBooks etc.)===
 +
[http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032308087&CountryCode=US MSDN Webcast: Penetration Testing with Visual Studio Team System and Fortify Security Tester]
 +
 +
[http://www.hackerz.ir/e-books/Penetration%20Testing%20For%20Web%20Applications%20Part%201.pdf Penetration Testing for Web Applications Part 1 (PDF)] link broken 2011.05.04 14.14 PM (GMT+7)
 +
 +
[http://www.hackerz.ir/e-books/Penetration%20Testing%20For%20Web%20Applications%20Part%202.pdf Penetration Testing for Web Applications Part 2 (PDF)] link broken 2011.05.04 14.14 PM (GMT+7)
  
 
===References===
 
===References===

Latest revision as of 02:14, 4 May 2011

.NET Security Quick Reference

Contents

.NET Penetration Testing

Plan, Discover, Attack and Report - this section is for tools, checklists and references for penetration testing .NET web applications and services.

Areas of Concern

  • Planning the hack
  • Ethically hacking
  • Attack Vectors
  • Intelligence gathering
  • Reporting

Blogs, Articles & Projects

OWASP .NET Vulnerability Research

MSDN Hackers

MSDN Magazine: Security Briefs: Penetration Testing

Wrong Way to Do Penetration Testing

Online Media (Podcasts, Webcasts, Presentations, eBooks etc.)

MSDN Webcast: Penetration Testing with Visual Studio Team System and Fortify Security Tester

Penetration Testing for Web Applications Part 1 (PDF) link broken 2011.05.04 14.14 PM (GMT+7)

Penetration Testing for Web Applications Part 2 (PDF) link broken 2011.05.04 14.14 PM (GMT+7)

References

Rooting the CLR (Draft)

NIST 800-42 Guideline on Network Security Testing

ISECOM Open Source Security Testing Methodology Manual

OISSG Information Systems Security Assessment Framework (ISSAF)

Tools

Source Code Audit Tools