This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Jump to: navigation, search
This historical page is now part of the OWASP archive.
This page contains content that is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were once valid but may now link to sites or pages that no longer exist.
Please use the newer Edition(s) like Category:OWASP_.NET_Project

ANSA - Asp.Net Security Analyzer

Asp.Net Security Analyser (ANSA) is a Windows based online tool that tests a server's security for known security vulnerabilities within an Asp.Net shared hosting environment.

This was the first tool developed by Dinis Cruz that highlights the security problems of Full Trust Asp.Net code (contains Proof of Concept tests (i.e. exploits))


Note: ANSA is also installed via the Installer_For_Owasp_IIS_ASP.NET_Tools


ANSA MainPage

ANSA MainPage.gif

ANSA Security Analyzer

ANSA Security Analyzer.jpg

ANSA WSH Execute Command.png

ANSA WSH Execute Command.png

ANSA WMI List User Accounts

ANSA WMI List User Accounts.png

ANSA FSO Browse Folders

ANSA FSO Browse Folders.png