Description
Marcus Mac Innes demonstrates how security on a web site can be compromised by taking advantage of holes within the application code. These holes can be discovered by using a series of probes which disclose whether or not a vulnerability exists. Using a Cross Site Scripting attack, he also demonstrates how the Forms Authentication cookie could be stolen and silently sent to an attacker's website to be stored for later use. The key message of the talk is to ensure that all user input is validated before any other processing is done. This, together with strict use of secure coding standards, would have closed off any attacker's opportunities. Source code included.
Related:
"Good" ASP.NET Coding Practices
"Good" ASP.NET Coding Practices is a tutorial through which you can learn about some good methods to follow while writing applications in ASP.NET.... By: AspAlliance.com | Freeware

.NET attributes
This article is helpful for developers; it explains in depth the functionality of attributes and their features in simple steps.... By: e Advantage | Freeware

.NET Common Type System
.NET Common Type System is a web-based tutorial in which the author describes the common type system, which defines all data types and also adapt a rule to... By: World of .NET | Freeware

.NET compilation demystified
.NET compilation demystified is an ASP.NET tutorial which gives you details about the compilation process of the .NET languages. When you compile... | Freeware

.NET Delegate Event Model vs COM Connection Points
This article is for .NET learners and for users who are eager to learn and know more about the use of the delegate event model with COM... By: Codeguru.com | Freeware

XLSReadWriteII.NET 2.00
XLSReadWriteII.NET for Delphi 2005/2006 and others, Win Forms. Use this version for creating Win Forms applications with Delphi, Visual Studio and... By: Axolot Data | Shareware

TGPS 1.11
Interface with your GPS receiver. By: Axolot Data | Shareware

pgISQL (Interactive SQL for PostgreSQL) ver. 2.2.0 2.2.0
Interactive SQL for PostgreSQL is a powerful database utility. It allows: Build SQL queries using SQL Editor with SQL syntax highlighting and SQL... By: Sujit | Shareware

Syndicate Pro 1.0
Syndicate Pro is multi-platform compatible. Syndicate Pro is server software for managing and distributing news headlines and other content over the ... By: Sujit | Shareware

ESBPCS for VCL 4.2.2
ESB Professional Computation Suite (ESBPCS for VCL) provides a huge collection of Borland Delphi Routines and Components to make Data Entry and... By: Glenn Crouch | Shareware

- ASP.NET Improves Web App Deployment, Scalability, Security, and Reliability
  Discusses features of ASP.NET. By Dave Sussman, MSDN Magazine.
- ASP Resource Index - Web Applications
  A directory of applications both commercial and free.
- .NET Framework SDK, Visual Studio.NET, and ASP+ Developer Resources
  .NET Framework SDK and Visual Studio.NET resources and links. Includes ASP+, ADO+, Visual Studio.NET, Visual Basic.NET,...
- ASP.NET ExpertMenu
  Flexible DHTML Menu ASP.NET server control, configurable with XML and CSS, fully programmable, and demo set.
- MySQL with ASP.NET
  A step by step guide to using MySql with ASP.Net for internet databases by Ziran Sun.
- ASP.NET Resources
  Tutorials, articles, references to ASP.NET and web standards (CSS, XHTML, DOM).
- ASP.NET Cafe
  Small articles about site development and deployment in ASP.NET. Sample sources.
- AxpDataGrid for ASP.NET
  A datagrid with data editing capabilities in form mode.
- MSDN: ASP.NET
  Developers resource center in the MSDN Library.
- CodePlex: ASP.NET
  This project gives access to the code for upcoming releases that the ASP.NET team is working on, starting with the ASP.NET...
