Skip to content
/ owasp_netman Public

Charla sobre el top 10 de OWASP impartida en la comunidad @XantarDev por @dariocp y @dagope

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dagope/owasp_netman

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits

A1

A1

 
 

A3

A3

 
 

A4

A4

 
 

A5

A5

 
 

A7

A7

 
 

presentacion

presentacion

 
 

.gitignore

.gitignore

 
 

Demos.txt

Demos.txt

 
 

README.md

README.md

 
 

Repository files navigation

Charla impartida en la comunidad @XantarDev por @dariocp y @dagope

Índice

En cada enlace podremos ver las explicaciones y procedimientos de las demos

A1: Inyección SQL

A3: Muestra de tráfico HTTP

A4: Acceso a archivos del sistema mediante XXE

A5: Acceso no autorizado a secciones de una web

A7+A2: Captura del ID de sesión mediante XSS y suplantación de identidad

Referencias

DotNet Security · OWASP Cheat Sheet Series

https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html

OWASP .NET Recommended Resources

https://www.owasp.org/index.php/OWASP_.NET_Recommended_Resources

OWASP Top 10 - 2017

Los diez riesgos más críticos en Aplicaciones Web

https://www.owasp.org/images/5/5e/OWASP-Top-10-2017-es.pdf https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf

OWASP .NET Project

https://www.owasp.org/index.php/Category:OWASP_.NET_Project

OWASP WebGoat.NET

https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET https://github.com/rapPayne/WebGoat.Net/tree/master/instructions

Overview of ASP.NET Core Security

https://docs.microsoft.com/en-us/aspnet/core/security/?view=aspnetcore-3.0

Prevent Cross-Site Scripting (XSS) in ASP.NET Core

https://docs.microsoft.com/en-us/aspnet/core/security/cross-site-scripting?view=aspnetcore-3.0

Raw SQL Queries

https://docs.microsoft.com/en-us/ef/core/querying/raw-sql

Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks in ASP.NET Core

https://docs.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-3.0

Prevent open redirect attacks in ASP.NET Core

https://docs.microsoft.com/en-us/aspnet/core/security/preventing-open-redirects?view=aspnetcore-3.0

--

OWASP Top 10 Vulnerabilities & ASP.NET

https://www.infoq.com/presentations/owasp-top-10-vulnerabilities-2017/ https://www.youtube.com/watch?v=j9xM3Za98ak

Free eBook: OWASP Top 10 for .NET developers

https://www.saotn.org/free-ebook-owasp-top-10-net-developers/

OWASP Top 10 for ASP.net Core – SQL Injection

https://dotnetcoretutorials.com/2017/10/11/owasp-top-10-asp-net-core-sql-injection

Open Web Application Security Project (OWASP) For .NET projects

https://www.softwareblogs.com/Posts/Details/22/open-web-application-security-project-owasp-for-net-projects

Covered OWASP Top 10 risks

https://hdivsecurity.com/owasp-top-10

ASP.NET MVC application security risks

https://www.youtube.com/watch?v=ABUcyslFb6s

ASP.NET MVC and OWASP Top 10 Secured by Hdiv

https://www.youtube.com/watch?v=JA3fkpdK0lM

About

Charla sobre el top 10 de OWASP impartida en la comunidad @XantarDev por @dariocp y @dagope

Topics

csharp owasp net owasp-top-10

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages