Difference between revisions of ".NET Penetration Testing"

From OWASP
Jump to: navigation, search
(Online Media (Podcasts, Webcasts, Presentations, eBooks etc.))
Line 33: Line 33:
 
[http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032308087&CountryCode=US MSDN Webcast: Penetration Testing with Visual Studio Team System and Fortify Security Tester]
 
[http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032308087&CountryCode=US MSDN Webcast: Penetration Testing with Visual Studio Team System and Fortify Security Tester]
  
[http://www.hackerz.ir/e-books/Penetration%20Testing%20For%20Web%20Applications%20Part%201.pdf Penetration for Web Applications Part 1 (PDF)]
+
[http://www.hackerz.ir/e-books/Penetration%20Testing%20For%20Web%20Applications%20Part%201.pdf Penetration Testing for Web Applications Part 1 (PDF)]
  
[http://www.hackerz.ir/e-books/Penetration%20Testing%20For%20Web%20Applications%20Part%202.pdf Penetration for Web Applications Part 2 (PDF)]
+
[http://www.hackerz.ir/e-books/Penetration%20Testing%20For%20Web%20Applications%20Part%202.pdf Penetration Testing for Web Applications Part 2 (PDF)]
  
 
===References===
 
===References===

Revision as of 09:36, 27 May 2009

.NET Security Quick Reference

Contents

.NET Penetration Testing

Plan, Discover, Attack and Report - this section is for tools, checklists and references for penetration testing .NET web applications and services.

Areas of Concern

  • Planning the hack
  • Ethically hacking
  • Attack Vectors
  • Intelligence gathering
  • Reporting

Blogs, Articles & Projects

OWASP .NET Vulnerability Research

MSDN Hackers

MSDN Magazine: Security Briefs: Penetration Testing

Wrong Way to Do Penetration Testing

Online Media (Podcasts, Webcasts, Presentations, eBooks etc.)

MSDN Webcast: Penetration Testing with Visual Studio Team System and Fortify Security Tester

Penetration Testing for Web Applications Part 1 (PDF)

Penetration Testing for Web Applications Part 2 (PDF)

References

Rooting the CLR (Draft)

NIST 800-42 Guideline on Network Security Testing

ISECOM Open Source Security Testing Methodology Manual

OISSG Information Systems Security Assessment Framework (ISSAF)

Tools

Source Code Audit Tools