This is a mirror of official site: http://jasper-net.blogspot.com/

Ethical Hacking ASP.NET

| Sunday, May 16, 2010
Security tools and guidelines for white-hat hacking and protecting ASP.NET web applications.

News

The v.1.0.0.1 version of Lens is available. Click on the Downloads tab to access or the Documentation tab to learn more about Lens.

Our mission

Just like any other web platform, ASP.NET is not free from features that can be misused in way that can have serious security related consequences. Developers should be aware of what exactly this platform provides in the world of security: when should one trust the runtime that it will gracefully handle an attack, and when should one write additional lines of code to protect the application against a certain threat.

The goal of this site is to provide information and tools to test your ASP.NET web application against well-known attacks and provide guidance about how to implement workarounds if your site happens to be vulnerable. These tools are for developers and ethical hackers; it is definitely against our will to help malicious activities.

Note, that we do NOT say we found any new security vulnerability in the ASP.NET platform that Microsoft is not aware of or tries to hide. All we say is that - just like many other platform - this platform is not bulletproof, and there are attacks out in the wild that can exploit not your code, but the platform your code runs on. Even if it is not your code, because your application builds on top of it, it is your task to patch these vulnerabilities. Hopefully we can help you to fulfil this task.

This site is dedicated to ASP.NET Ethical Hacking, but you can read more about security and various aspects of ethical hacking on our Haxperience site.

György Balássy
Microsoft Regional Director, Hungary, ASP.NET MVP, MCTS
MSDN Competence Center
Blog: http://balassy.spaces.live.com

Read more: Codeplex

Posted via email from jasper22's posterous

0 comments: