Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Injection attacks in ASPX/ASP.NET applications

From: Romain Gaucher <romain.gaucher () nist gov>
Date: Thu, 04 Sep 2008 16:26:42 -0400
Look especially for the source code analyzers and web application scanners... 

Romain

Marco Ivaldi wrote:

Nikhil,

On Sat, 30 Aug 2008, Nikhil Wagholikar wrote:


Hello All,


[snip]
3. Is there any tool specially developed for finding vulnerabilities in ASP.NET application from penetration testing/vulnerability assessment point of view? 4. Any free tool and thorough methodology, that could help one in doing source code audit/review of ASP.NET (ASPX) application? (I know one tool to be scancode.py)
You may want to take a look at NIST's SAMATE (Software Assurance Metrics And Tool Evaluation) project page: 

https://samate.nist.gov/index.php/Tools

Hope this helps,





------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in Securing Web Applications 
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: