This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Penetration Testing"
From OWASP
(→References) |
(→Online Media (Podcasts, Webcasts, Presentations, eBooks etc.): deprecated.) (Tag: Visual edit) |
||
(7 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | {| | + | {| class="wikitable" align="right" |
|- | |- | ||
! .NET Security Quick Reference | ! .NET Security Quick Reference | ||
Line 21: | Line 21: | ||
*Reporting | *Reporting | ||
− | ===Articles=== | + | ===Blogs, Articles & Projects=== |
+ | [[OWASP .NET Vulnerability Research]] | ||
+ | [https://www.microsoft.com/en-us/sdl Microsoft SDL (Secure Development Lifecycle)] | ||
+ | |||
+ | [https://docs.microsoft.com/en-us/aspnet/core/security/ .NET CORE Security] | ||
+ | |||
+ | [https://blogs.technet.microsoft.com/msrc/ Microsoft Security Research Center (MSRC)] | ||
===References=== | ===References=== | ||
Line 30: | Line 36: | ||
[http://www.isecom.org/osstmm ISECOM Open Source Security Testing Methodology Manual] | [http://www.isecom.org/osstmm ISECOM Open Source Security Testing Methodology Manual] | ||
+ | |||
+ | [http://www.oissg.org/issaf/index.php OISSG Information Systems Security Assessment Framework (ISSAF)] | ||
===Tools=== | ===Tools=== | ||
[http://www.owasp.org/index.php/Source_Code_Audit_Tools Source Code Audit Tools] | [http://www.owasp.org/index.php/Source_Code_Audit_Tools Source Code Audit Tools] |
Latest revision as of 13:29, 24 January 2018
.NET Security Quick Reference |
---|
.NET Penetration Testing
Plan, Discover, Attack and Report - this section is for tools, checklists and references for penetration testing .NET web applications and services.
Areas of Concern
- Planning the hack
- Ethically hacking
- Attack Vectors
- Intelligence gathering
- Reporting
Blogs, Articles & Projects
OWASP .NET Vulnerability Research
Microsoft SDL (Secure Development Lifecycle)
Microsoft Security Research Center (MSRC)
References
NIST 800-42 Guideline on Network Security Testing
ISECOM Open Source Security Testing Methodology Manual
OISSG Information Systems Security Assessment Framework (ISSAF)