Testing ASP.NET Application from Attack
https://stackoverflow.com/questions/9116438
-
21-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am building a Web Application in ASP.NET 4.0, using VS 2010 Professional.
I have tested the application against Sql injection, and user input.
Is there any other test necessary for me to do? Which tools should I use against external attack?
Solution
I suggest you take a look at the OWASP (Open Web Application Security Project) website - start with their top 10.
Troy Hunt wrote a good blog series about the top 10 and how to mitigate against them and released it as a free ebook.
OTHER TIPS
Burps Suite is the generally used penetration testing suite. They offer a free version, but the paid version is fairly inexpensive (as far as these things go, it's $300.. many such tools cost over $1000)
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
