If your familiar with asp.net, you’ll know the feeling of wasting hours searching through countless settings to get an app working, and then the many more hours it takes to tweak IIS to get your site running smoothly. But this is nothing compaired to getting authentication and domain controllers properly integrated. On Microsofts asp.net newsgroup the biggest single security issue mentioned is user error and bad setup, sometimes allowing things as stupid as anonymous users having full control of a web app.
4GuysFromRolla regular .net author Scott Mitchell has written a kick-ass guide to all things membership and role based, and if your producing an intranet or just a large webapp you will want to take a look. Allowing .net to manage your permissions and users can not only save you time, but takes out some of the many errors that can sneak in when your managing a large sites security manually.
- OWASP WebGoat – Deliberately Insecure Web Application
- Weevely 3 – Weaponized PHP Web Shell
- BackBox Linux – Penetration Testing LiveCD
- WP Security Audit Log – A Complete Audit Log Plugin For WordPress
- OpenFISMA – FISMA Compliance & Risk Management Application
- Onapsis Bizploit v1.50 – SAP Penetration Testing Framework
Most Read in Web Hacking:
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 659,158 views
- Download youtube.com videos? - 156,246 views