Pentesting ASP.NET talk notes

I gave my Pentesting ASP.NET talk at Safelite today, celebrating the 20th presentation of  this deck. It's a good talk, I'm glad so many people like it. I know I'll be delivering it at the Louisville .NET user group in June, and there is probably some others that I am forgetting.

Anyway, there was a request for some links that I talk about diring that talk, so here they are:

The Secure Coding Practice Quick Reference Guide

The OWASP Top 10 Cheat Sheet

Troy Hunt's OWASP Top 10 ASP.NET blog series - probably the best writing on the topic ever. No foolin.

The Zed Attack Proxy

Backtrack

SET - The Social Engineer's Toolkit

Oh, and here are the sites for Defcon, Derbycon and Notacon, too.

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList