Pentesting ASP.NET - Injection and Cross-Site Scripting Attacks

Explore pentesting techniques for ASP.NET applications in this 48-minute conference talk by Bill Sempf. Dive into various security vulnerabilities, including injection attacks, cross-site scripting (XSS), and cross-site request forgery (CSRF). Learn about authentication management, secure cryptography, and public key infrastructure. Discover practical tools and methods for identifying and exploiting misconfigurations in ASP.NET applications. Gain insights into URL access security, SSL implementation, and the importance of local security meetups. Enhance your cybersecurity skills and stay updated with the latest pentesting practices for ASP.NET environments.

Introduction
Who is Bill Sempf
Lorem Ipsum
Lockpicking
Ninja
insurrectionist
learning something new
my goal
what is injection
Troy Holmes
XSS
Crosssite scripting
Negation accession management
User password
Firesheep
MAC Address
Crosssite request forgery
Authentication management
Webforms
Crosssite scripting attacks
Other misconfigurations
Secure cryptography
Public key infrastructure
URL access
Example
SSL
Tools
Practice
Local Meetings
Twitter