Skip to main content

OWASP Web dotnet C#

 OWASP for Web


Main topics

  • Stored Cross Site Scripting
  • PII data in URL
  • XML Injection
  • Forced Browsing
  • Token Exposure in URL
  • Reflected XSS
  • Command Injection
  • User Enumeration
  • Clickjacking
  • Weak Randomness
  • SQL Injection
  • Vertical Privilege Escalation
  • Session Fixation
  • Directory Traversal
  • Horizontal Privilege Escalation
  • Header Injection
  • Leftover Debug Code
  • Insecure URL Redirect
  • Server Side Request Forgery
  • DOM XSS
  • Cross Site Request Forgery
  • Components with Known Vulnerabilities

.NET

Comments

Post a Comment

Popular posts from this blog

XML Webservice (ASMX) - SOAP Request and Response Invocation logging

You are an integration developer. Eventualy you came into the state where there is nothing else you can debug, and you have to check which SOAP request it is built on the request, and which SOAP response you are getting from the server. C# XML Webservice (ASMX) - SOAP Request and Response Invocation logging In the legaccy .NET framework System.Web.Services , this means using soapExtensions to help you intersept the interaction with the webservice. This is done like so:  public class TraceExtension : SoapExtension     {         Stream oldStream;         Stream newStream;         string filename;         // Save the Stream representing the SOAP request or SOAP response into          // a local memory buffer.          public override Stream ChainStream(Stream stream)         {           ...
Post a Comment
Read more

Abstract Factory Pattern

Abstract Factory Pattern  Gamma Categorization: Creational Design Patten Summary: When the object construction is complicated, needing multiple arguments, we should create a separate function (Factory Method) or class (Factory), which is responsible for the creation of the all object. Problem examples Suport of multiple databases Multiple data sources: Serial port, ethernet port, device driver Diferent report types Solution Abstract class Generalized interface A Factory creates instances of the concrete classes Sample Code The abstract factory public   interface   IPhotoFactory {      IAnaloguePhoto   CreateAnaloguePhoto ();      IDigitalPhoto   CreateDigitalPhoto (); } The abstract products public   interface   IAnaloguePhoto {      string   GetName (); } public   interface   IDigitalPhoto {      ...
Post a Comment
Read more

Software Development

Software Development Agile Agile is an insurance policy for market changes. By designing your solution according to this methodology, your project remains flexible and is always ready for change. It is always better to correct the mistake early in the process. With this method, you keep your finger on the pulse of a dynamic market and changing user expectations. As a result, you can continuously adapt, change your strategy, and create a product that will be in demand by the target audience, even if preferences have changed during the development process. DevOps DevOps is one more way to optimize the development budget of your application. A key DevOps approach is that this practice and its culture allow team members to better interact with each other and the customer. The software development team and those responsible for the operation of the application share responsibilities clearly, and it helps you avoid shifting responsibilities from one team member to another. DevOps involves th...
Post a Comment
Read more