用于.Net应用程序的安全性和Vulenerability测试工具 [英] Security and Vulenerability testing tool for .Net application

问题描述

hi
我想要一个测试应用程序安全性，应用程序漏洞和Sql注入等测试工具。请给我一些工具。



最重要的是，你建议的工具应该支持.Net应用程序，并且应该有用于测试的UI。



谢谢

Prafulla

hi I want a testing tool which will test application security, Vulnerabilities of application and Sql Injection etc . Please suggest me some tools.

Most importantly the tools you have suggested should support .Net application and should have UI for testing.

Thanks
Prafulla

推荐答案

有很多工具，它取决于复杂程度或非复杂程度你想要的，还取决于你是否想要付钱。



简单ZAP - 来自OWASP的代理也非常适合开始使用。

Burp Suite - 再次成为一个好工具，但许可证将花费你300

There are a number of tools out there it depends on how complex or non complex you want, it also depends on whether you want to pay for them or not.

Simply ZAP - Proxy from OWASP is a good too to get started with.
Burp Suite - Again a good tool but a license will cost you 300

。



如果你想进步一点复杂，那么有BackTrack和Kali linux这些都是linux的Penetration测试发行版。它们带有许多工具为了测试你的网站，@ work我们只使用.NET。我使用所有这些工具取决于我想要测试的内容和位置。

.

If you want to progress a little more complicated, then there is BackTrack and Kali linux these are both Penetration testing distributions of linux. They come with many tools For testing your website, @ work we use .NET exclusively. I use all these tools depending on what I want to test and where.

这里有一些阅读材料： Microsoft安全开发生命周期（SDL） - 版本3.2 [ ^ ]



工具：

攻击面积分析器 [ ^ ]

SDL威胁建模工具3.1.8 [ ^ ]



正如CdnSecurityEngineer所说，你应该试试BackT机架，Kali或类似的东西。



Metasploit [ ^ ]绝对值得一看， Samurai Web测试框架 [ ^ ]





最好的问候

Espen Harlinn

Here is a bit of reading material: Microsoft Security Development Lifecycle (SDL) - Version 3.2[^]

Tools:
Attack Surface Analyzer[^]
SDL Threat Modeling Tool 3.1.8[^]

As CdnSecurityEngineer mentioned you should try out BackTrack, Kali or something similar.

Metasploit[^] is definitely worth looking at, and so is the Samurai Web Testing Framework[^]


Best regards
Espen Harlinn

这篇关于用于.Net应用程序的安全性和Vulenerability测试工具的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！