docs.nwebsec.com
NWebsec - Security libraries for ASP.NET — NWebsec documentation
https://docs.nwebsec.com/en/4.1
NWebsec and the SDL. NWebsec - Security libraries for ASP.NET. NWebsec - Security libraries for ASP.NET. NWebsec consists of several security libraries for ASP.NET applications. Three of these libraries work together to remove version headers, control cache headers, stop potentially dangerous redirects, and set important security headers. They are collectively referred to as “NWebsec”:. Check out the NWebsec demo site. To see the headers and session security improvements in action. On Read the Docs.
docs.nwebsec.com
NWebsec - Security libraries for ASP.NET Core — NWebsec documentation
https://docs.nwebsec.com/en/latest
NWebsec and the SDL. ASPNET Core vs ASP.NET 4. NWebsec - Security libraries for ASP.NET Core. NWebsec - Security libraries for ASP.NET Core. NWebsec consists of several security libraries for ASP.NET applications. These libraries work together to remove version headers, control cache headers, stop potentially dangerous redirects, and set important security headers. If you’re not sure what “security headers” are, check out this blog post: Security through HTTP response headers. NWebsec for ASP.NET 4.
docs.nwebsec.com
NWebsec - Improved session security for ASP.NET — NWebsec.SessionSecurity documentation
https://docs.nwebsec.com/projects/SessionSecurity/en/latest
NWebsec - Improved session security for ASP.NET. NWebsec - Improved session security for ASP.NET. The NWebsec.SessionSecurity library improves ASP.NET session security by enforcing a strong binding between an authenticated user’s identity and the user’s session identifier. You’ll find the library on NuGet: NWebsec.SessionSecurity. You can also get it under Releases. To learn more about how it works, see. To see how it’s configured, refer to. See :doc:` to learn more. Check out the NWebsec demo site.
docs.nwebsec.com
NWebsec - Security libraries for ASP.NET — NWebsec documentation
https://docs.nwebsec.com/en/4.2
NWebsec and the SDL. NWebsec - Security libraries for ASP.NET. NWebsec - Security libraries for ASP.NET. NWebsec consists of several security libraries for ASP.NET applications. Three of these libraries work together to remove version headers, control cache headers, stop potentially dangerous redirects, and set important security headers. They are collectively referred to as “NWebsec”:. Check out the NWebsec demo site. To see the headers and session security improvements in action. On Read the Docs.
aymericlagier.com
Aymeric | Blog de Aymeric Lagier
http://www.aymericlagier.com/author/admin
Skip to main content. Blog de Aymeric Lagier. Cybersécurité] Se protéger des failles XSS avec les headers CSP (Content Security Policy). Cross-Site Scripting), étant classées en troisième position du dernier TOP 10 de l’OWASP. Une autre manière de se protéger de ce type de faille est de mettre en place le header HTTP. Les sources disponibles sont les suivantes :. Liste de domaines séparés par un espace. Si un élément n’a pas de configuration, la valeur du paramètre. Gestion de nonce pour les scripts inli...
unsecured.nwebsec.com
ASP.NET session fixation demo
http://unsecured.nwebsec.com/SessionFixation
The No NWebsec demo site. Demonstrating ASP.NET session fixation. This demo shows ASP.NET session fixation in practice. The steps are pretty straightforward:. Log in as the attacker. Wait for the victim to log in and populate the (now) shared session with the victim's data. Have a look at the victim's session data. Then start the attack. You'll have to log in if you haven't already. You can also learn more about how it works. 2017 - André N. Klingsheim. www.nwebsec.com.
dotnetnoob.com
The .NET n00b: 9/1/13 - 10/1/13
http://www.dotnetnoob.com/2013_09_01_archive.html
Software security blog by André N. Klingsheim, who's learning to love .NET and Microsoft servers. Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed). Sep 14, 2013. The "Unable to remove directory "bin Release app.publish " Azure packaging error. Unable to remove directory "bin Release app.publish ". Access to the path 'AzureStartupTest.Azure.cspkg' is denied. Turns out someone is holding on to that file! It seems I'm not the only one on the Internet runnin...
dotnetnoob.com
The .NET n00b: 4/1/14 - 5/1/14
http://www.dotnetnoob.com/2014_04_01_archive.html
Software security blog by André N. Klingsheim, who's learning to love .NET and Microsoft servers. Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed). Apr 24, 2014. NUnit and Visual Studio Online. Looks pretty cool so I’ve decided that Ill use it for the next NWebsec. Release. The project setup was relatively straightforward and painless, but I hit a speed bump when I ran the first build of NWebsec. André N. Klingsheim. Thursday, April 24, 2014. 169; André ...
dotnetnoob.com
The .NET n00b: 7/1/13 - 8/1/13
http://www.dotnetnoob.com/2013_07_01_archive.html
Software security blog by André N. Klingsheim, who's learning to love .NET and Microsoft servers. Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed). Jul 17, 2013. Ramping up ASP.NET session security. OWASP recently released their Top Ten 2013 list of web application vulnerabilities. If you compare the list to the 2010 version you’ll see that Broken Authentication and Session Management. OWASP has a great guide. André N. Klingsheim. Wednesday, July 17, 2013.
dotnetnoob.com
The .NET n00b: 10/1/13 - 11/1/13
http://www.dotnetnoob.com/2013_10_01_archive.html
Software security blog by André N. Klingsheim, who's learning to love .NET and Microsoft servers. Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed). Oct 13, 2013. Hardening Windows Server 2008/2012 and Azure SSL/TLS configuration. I guess it was long overdue for me to follow up on my Hardening Windows Server 2003 SSL/TLS configuration. And Windows server 2003 vs 2008, SSL/TLS comparison. André N. Klingsheim. Sunday, October 13, 2013. 169; André N. Kli...
SOCIAL ENGAGEMENT