Penetration Testing mailing list archives
Re: Injection attacks in ASPX/ASP.NET applications
From: Romain Gaucher <romain.gaucher () nist gov>
Date: Thu, 04 Sep 2008 16:26:42 -0400
Look especially for the source code analyzers and web application scanners...
Romain Marco Ivaldi wrote:
Nikhil, On Sat, 30 Aug 2008, Nikhil Wagholikar wrote:Hello All,[snip]3. Is there any tool specially developed for finding vulnerabilities in ASP.NET application from penetration testing/vulnerability assessment point of view? 4. Any free tool and thorough methodology, that could help one in doing source code audit/review of ASP.NET (ASPX) application? (I know one tool to be scancode.py)You may want to take a look at NIST's SAMATE (Software Assurance Metrics And Tool Evaluation) project page:https://samate.nist.gov/index.php/Tools Hope this helps,
------------------------------------------------------------------------ This list is sponsored by: CenzicTop 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Re: Injection attacks in ASPX/ASP.NET applications, (continued)
- Re: Injection attacks in ASPX/ASP.NET applications Serg B (Sep 03)
- Re: Injection attacks in ASPX/ASP.NET applications Krugger (Sep 02)
- Re: Injection attacks in ASPX/ASP.NET applications David Howe (Sep 02)
- RE: Injection attacks in ASPX/ASP.NET applications Wong Yu Liang (Sep 02)
- RE: Injection attacks in ASPX/ASP.NET applications Pennington, Coby (Sep 03)
- Re: Injection attacks in ASPX/ASP.NET applications silky (Sep 03)
- Re: Injection attacks in ASPX/ASP.NET applications Wagner Elias (Sep 04)
- Re: Injection attacks in ASPX/ASP.NET applications Jorge L. Vazquez (Sep 04)
- Re: Injection attacks in ASPX/ASP.NET applications FF (Sep 02)
- Re: Injection attacks in ASPX/ASP.NET applications Marco Ivaldi (Sep 04)
- Re: Injection attacks in ASPX/ASP.NET applications Romain Gaucher (Sep 04)