Penetration Testing: Re: Injection attacks in ASPX/ASP.NET applications

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Injection attacks in ASPX/ASP.NET applications

From: Romain Gaucher <romain.gaucher () nist gov>
Date: Thu, 04 Sep 2008 16:26:42 -0400

Look especially for the source code analyzers and web applicationscanners...


Romain

Marco Ivaldi wrote:

Nikhil,

On Sat, 30 Aug 2008, Nikhil Wagholikar wrote:
Hello All,
[snip]
3. Is there any tool specially developed for finding vulnerabilitiesin ASP.NET application from penetration testing/vulnerabilityassessment point of view?4. Any free tool and thorough methodology, that could help one indoing source code audit/review of ASP.NET (ASPX) application? (I knowone tool to be scancode.py)
You may want to take a look at NIST's SAMATE (Software Assurance MetricsAnd Tool Evaluation) project page:
https://samate.nist.gov/index.php/Tools

Hope this helps,




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes inSecuring Web Applications

Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

By Date By Thread

Current thread:

Re: Injection attacks in ASPX/ASP.NET applications, (continued)
- Re: Injection attacks in ASPX/ASP.NET applications FF (Sep 02)
- Re: Injection attacks in ASPX/ASP.NET applications Marco Ivaldi (Sep 04)
  - Re: Injection attacks in ASPX/ASP.NET applications Romain Gaucher (Sep 04)