Skip to main content

OWASP Web dotnet C#

 OWASP for Web


Main topics

  • Stored Cross Site Scripting
  • PII data in URL
  • XML Injection
  • Forced Browsing
  • Token Exposure in URL
  • Reflected XSS
  • Command Injection
  • User Enumeration
  • Clickjacking
  • Weak Randomness
  • SQL Injection
  • Vertical Privilege Escalation
  • Session Fixation
  • Directory Traversal
  • Horizontal Privilege Escalation
  • Header Injection
  • Leftover Debug Code
  • Insecure URL Redirect
  • Server Side Request Forgery
  • DOM XSS
  • Cross Site Request Forgery
  • Components with Known Vulnerabilities

.NET

Comments

Post a Comment

Popular posts from this blog

SOLID (4/5) - Interface segregation principle

Interface segregation principle In the field of software engineering, the interface-segregation principle (ISP) states that no client should be forced to depend on methods it does not use. ISP splits interfaces that are very large into smaller and more specific ones so that clients will only have to know about the methods that are of interest to them. Such shrunken interfaces are also called role interfaces. ISP is intended to keep a system decoupled and thus easier to refactor, change, and redeploy. using   System ; namespace   interfacesegregation {      public   class   Document       {     }      public   interface   IMachine       {          void   Print ( Document   d );          void   Scan ( Document   d );     ...
Post a Comment
Read more

C# Extension Methods

 C# Extension Methods Extension methods      public   static   class   ExtensionMethods     {          public   static   Stopwatch   Measure ( this   Func < int >  f )         {              var   sw  =  new   Stopwatch ();              sw . Start ();              f ();              sw . Stop ();              return   sw ;         }          public   static   void   Save ( this   ISerializable   s...
Post a Comment
Read more

Configuring Ubuntu

Ubuntu Server Setting up a static IP // https://linuxhint.com/setup_static_ip_address_ubuntu/ // find the network interface name - eg: "enp9s0" ip a sudo nano /etc/netplan/00-installer-config.yaml network: version: 2 ethernets: ens33: addresses: [192.168.1.124/24] gateway4: 192.168.1.254 nameservers: addresses: [1.1.1.1, 8.8.8.8] Connecting to Server ssh root@server_ip_address Create a new user with admin rights adduser username usermod -aG sudo username sudo reboot Disabling Root Login and Limit login attempts(sshd_config) sudo vim /etc/ssh/sshd_config PermitRootLogin no LoginGraceTime 120 # allow only 1 login attempt per connection MaxAuthTries 1 sudo service sshd restart System update sudo apt-get update sudo apt-get upgrade Firewall sudo ufw status sudo ufw allow ssh sudo ufw allow http sudo ufw allow https sudo ufw enable sudo ufw status .NET Core wget https://packages.microsoft.com/config/ubuntu/20.10/packages-microsoft-prod.deb -O packages-...
Post a Comment
Read more