|
Penetration Testing
mailing list archives
Re: Injection attacks in ASPX/ASP.NET applications
From: Marco Ivaldi <raptor () mediaservice net>
Date: Thu, 4 Sep 2008 16:05:06 +0200 (ora solare Europa occidentale)
Nikhil,
On Sat, 30 Aug 2008, Nikhil Wagholikar wrote:
Hello All,
[snip]
3. Is there any tool specially developed for finding vulnerabilities in
ASP.NET application from penetration testing/vulnerability assessment
point of view?
4. Any free tool and thorough methodology, that could help one in doing
source code audit/review of ASP.NET (ASPX) application? (I know one tool
to be scancode.py)
You may want to take a look at NIST's SAMATE (Software Assurance Metrics
And Tool Evaluation) project page:
https://samate.nist.gov/index.php/Tools
Hope this helps,
--
Marco Ivaldi, OPST
Red Team Coordinator Data Security Division
@ Mediaservice.net Srl http://mediaservice.net/
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- RE: Injection attacks in ASPX/ASP.NET applications, (continued)
Re: Injection attacks in ASPX/ASP.NET applications FF (Sep 02)
Re: Injection attacks in ASPX/ASP.NET applications Marco Ivaldi (Sep 04)
|
Intro
