09 May 2012 CI Team


Evil Hackers are lurking everywhere and many Web-applications are delicately and share “too much” with the attacker.

A quick (first!) overview offers the Tool “ASafaWeb”. All the website does is making a few requests and writing an Analyses including problem solving’s. There are no permanent disadvantages (bad requests/ DoS attacks and so on).


Example: KnowYourStack.com


There is a short description including a problem solving:


The last test recommends hiding the information’s about the ASP.NET version / IIS.

That’s not enough!

The service only provides very simple tests – For example there is no test for the entering validation. Here you need to be very carefully!

If someone wants to share more tips with us you are welcome J

Prevent the Top 10 Security holes!

Some time ago Philip Proplesch referred about the excellent Blog row from Troy Hunt: OWASP Top 10 for .NET developer’s part 1: Injection. Read!