This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of ".NET Penetration Testing"

Jump to: navigation, search
m (Online Media (Podcasts, Webcasts, Presentations, eBooks etc.))
(Online Media (Podcasts, Webcasts, Presentations, eBooks etc.): deprecated.)
Line 1: Line 1:
{| align="right" class="wikitable"
{| class="wikitable" align="right"
! .NET Security Quick Reference
! .NET Security Quick Reference
Line 24: Line 24:
[[OWASP .NET Vulnerability Research]]
[[OWASP .NET Vulnerability Research]]
[ MSDN Hackers]
[ Microsoft SDL (Secure Development Lifecycle)]
[ MSDN Magazine: Security Briefs: Penetration Testing]
[ .NET CORE Security]
[ Wrong Way to Do Penetration Testing]
[ Microsoft Security Research Center (MSRC)]
===Online Media (Podcasts, Webcasts, Presentations, eBooks etc.)===
[ MSDN Webcast: Penetration Testing with Visual Studio Team System and Fortify Security Tester]
[ Penetration Testing for Web Applications Part 1 (PDF)] link broken 2011.05.04 14.14 PM (GMT+7)
[ Penetration Testing for Web Applications Part 2 (PDF)] link broken 2011.05.04 14.14 PM (GMT+7)

Latest revision as of 13:29, 24 January 2018

.NET Security Quick Reference

.NET Penetration Testing

Plan, Discover, Attack and Report - this section is for tools, checklists and references for penetration testing .NET web applications and services.

Areas of Concern

  • Planning the hack
  • Ethically hacking
  • Attack Vectors
  • Intelligence gathering
  • Reporting

Blogs, Articles & Projects

OWASP .NET Vulnerability Research

Microsoft SDL (Secure Development Lifecycle)

.NET CORE Security

Microsoft Security Research Center (MSRC)


Rooting the CLR (Draft)

NIST 800-42 Guideline on Network Security Testing

ISECOM Open Source Security Testing Methodology Manual

OISSG Information Systems Security Assessment Framework (ISSAF)


Source Code Audit Tools