Difference between revisions of "User:Dinis.cruz"

From OWASP
Jump to: navigation, search
Line 3: Line 3:
 
Since the 1.1 release of the .Net Framework, Dinis has been one of the strongest proponents of the need to write .Net applications that can be executed in secure Partially Trusted .Net environments, and has done extensive research on: Rooting the CLR, exposing the dangers of Full Trust Asp.Net Code, Type Confusion vulnerabilities in Full Trust (i.e. non verifiable) code, creating .Net Security Protection Layers and using Reflection to dynamically manipulate .Net Client applications.
 
Since the 1.1 release of the .Net Framework, Dinis has been one of the strongest proponents of the need to write .Net applications that can be executed in secure Partially Trusted .Net environments, and has done extensive research on: Rooting the CLR, exposing the dangers of Full Trust Asp.Net Code, Type Confusion vulnerabilities in Full Trust (i.e. non verifiable) code, creating .Net Security Protection Layers and using Reflection to dynamically manipulate .Net Client applications.
  
Dinis is the current [[http://www.owasp.org/index.php/Category:OWASP_.NET_Project Owasp .Net Project]] leader and the main developer of several of OWASP .Net tools ([[http://www.owasp.org/index.php/SAM%27SHE SAM'SHE]], [[http://www.owasp.org/index.php/ANBS ANBS]], [[http://www.owasp.org/index.php/Owasp_SiteGenerator SiteGenerator]], Owasp Report Generator, [[http://www.owasp.org/index.php/ASP.NET_Reflector Asp.Net Reflector]]).
+
Dinis is the current [[http://www.owasp.org/index.php/Category:OWASP_.NET_Project Owasp .Net Project]] and [[http://www.owasp.org/index.php/OWASP_Autumn_Of_Code_2006 OWASP Autumn of Code]] project's leader and the main developer of several of OWASP .Net tools ([[http://www.owasp.org/index.php/SAM%27SHE SAM'SHE]], [[http://www.owasp.org/index.php/ANBS ANBS]], [[http://www.owasp.org/index.php/Owasp_SiteGenerator SiteGenerator]], Owasp Report Generator, [[http://www.owasp.org/index.php/ASP.NET_Reflector Asp.Net Reflector]]).
  
Dinis will be at this year's Black Hat delivering the [[http://www.blackhat.com/html/bh-usa-06/train-bh-us-06-io-net.html Advanced Asp.Net Exploits and Countermeasures] two day training course
+
Dinis is a active trainer on .Net security having written and delivered courses for IOActive, Foundstone, Intense School and KPMG . His latest course is the two day training course [[http://www.blackhat.com/html/bh-usa-06/train-bh-us-06-io-net.html Advanced Asp.Net Exploits and Countermeasures], which was delivered at the Black Hat 2006 conference and will be presented on the fortcomming [[http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference OWASP AppSec Conference]] in Seattle.

Revision as of 10:02, 8 September 2006

Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET Application Security, Active Directory deployments, Application Security audits and .NET Security Curriculum Development.

Since the 1.1 release of the .Net Framework, Dinis has been one of the strongest proponents of the need to write .Net applications that can be executed in secure Partially Trusted .Net environments, and has done extensive research on: Rooting the CLR, exposing the dangers of Full Trust Asp.Net Code, Type Confusion vulnerabilities in Full Trust (i.e. non verifiable) code, creating .Net Security Protection Layers and using Reflection to dynamically manipulate .Net Client applications.

Dinis is the current [Owasp .Net Project] and [OWASP Autumn of Code] project's leader and the main developer of several of OWASP .Net tools ([SAM'SHE], [ANBS], [SiteGenerator], Owasp Report Generator, [Asp.Net Reflector]).

Dinis is a active trainer on .Net security having written and delivered courses for IOActive, Foundstone, Intense School and KPMG . His latest course is the two day training course [Advanced Asp.Net Exploits and Countermeasures, which was delivered at the Black Hat 2006 conference and will be presented on the fortcomming [OWASP AppSec Conference] in Seattle.