ASP auditor v2 BETA released

Look for common misconfigurations and information leaks in
ASP.NET applications.

— v2.1— 25/Sep/06

  • GET /Trace.axd often leaks ASP.NET version when other methods fail.
  • Fixed "?" bug in JavaScript Validate test
  • Added Version into usage()

—v2.0— 16/Sep/06

  • Version plugin allowing specific ASP.NET versioning.
  • Version brute force capabilities using JavaScript validate
  • Check if global ASP.NET validate is being used.
  • Added brute force function and option in usage()

Post scriptum

Compliance Mandates

  • Code Auditing :

    PCI/DSS 6.3.6, 6.3.7, 6.6, SOX A12.8, GLBA 16CFR Part 314.4(b) and (2);FISMA RA-5, SC-18, SA-11 SI-2, and ISO 27001/27002 (12.4.1, 12.4.3, 12.5)

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Asp Auditor
Code Auditing
Vulnerability Scanner