Testing ASP.NET Application from Attack
-
21-04-2021 - |
Pergunta
I am building a Web Application in ASP.NET 4.0, using VS 2010 Professional.
I have tested the application against Sql injection, and user input.
Is there any other test necessary for me to do? Which tools should I use against external attack?
Solução
I suggest you take a look at the OWASP (Open Web Application Security Project) website - start with their top 10.
Troy Hunt wrote a good blog series about the top 10 and how to mitigate against them and released it as a free ebook.
Outras dicas
Burps Suite is the generally used penetration testing suite. They offer a free version, but the paid version is fairly inexpensive (as far as these things go, it's $300.. many such tools cost over $1000)
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow