Difference between revisions of ".NET Penetration Testing"

From OWASP
Jump to: navigation, search
(References)
Line 30: Line 30:
  
 
[http://www.isecom.org/osstmm ISECOM Open Source Security Testing Methodology Manual]
 
[http://www.isecom.org/osstmm ISECOM Open Source Security Testing Methodology Manual]
 +
 +
[http://www.oissg.org/issaf/index.php OISSG Information Systems Security Assessment Framework (ISSAF)]
  
 
===Tools===
 
===Tools===
 
[http://www.owasp.org/index.php/Source_Code_Audit_Tools Source Code Audit Tools]
 
[http://www.owasp.org/index.php/Source_Code_Audit_Tools Source Code Audit Tools]

Revision as of 20:20, 15 April 2008

.NET Security Quick Reference

Contents

.NET Penetration Testing

Plan, Discover, Attack and Report - this section is for tools, checklists and references for penetration testing .NET web applications and services.

Areas of Concern

  • Planning the hack
  • Ethically hacking
  • Attack Vectors
  • Intelligence gathering
  • Reporting

Articles

References

Rooting the CLR (Draft)

NIST 800-42 Guideline on Network Security Testing

ISECOM Open Source Security Testing Methodology Manual

OISSG Information Systems Security Assessment Framework (ISSAF)

Tools

Source Code Audit Tools