[Owasp-delhi] VA for IIS

Akash akashmahajan at gmail.com
Sun Feb 28 13:35:40 EST 2010


The free version just checks for XSS and shows a lot of false positives.

On 26 February 2010 13:11, Parthajit Panda <Parthajit.Panda at gmrgroup.in> wrote:
> Another tool which can be used for free
>
>
>
> http://www.acunetix.com/index.htm





>
>
>
> regards
>
> Parthajit
>
>
>
> From: owasp-delhi-bounces at lists.owasp.org
> [mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of Satyajit Das
> Sent: Wednesday, February 24, 2010 2:06 PM
> To: owasp-delhi at lists.owasp.org; owasp-bangalore at lists.owasp.org
> Subject: [Owasp-delhi] VA for IIS
>
>
>
> hi All,
>
>
>
> Some sites that can help in IIS V.A.  Thanks to Akash.
>
>
> IIS Security Checklist
> http://windows.stanford.edu/docs/IISsecchecklist.htm
>
> Security Guidance for IIS
> http://technet.microsoft.com/en-us/library/dd450371%28WS.10%29.aspx
>
> Tools for troubleshooting IIS Security issues
> http://download.cnet.com/IIS-Security-Audit/3000-2653_4-10102230.html
> http://support.microsoft.com/kb/229694
>
> General IIS Security page
> http://www.cgisecurity.com/iis-security.html
>
> A free ebook on IIS security
> http://test.cgisecurity.com/lib/IIS_Security_and_Programming_Countermeasures.pdf
>
> -----------------------
> warm regards,
> Akash Mahajan
> ----------------------------------------------------------
> Security Consultant, (Web / Networks /
> Servers / IT/ Virtualization)
> Founder Headstart Network Foundation
> ----------------------------------------------------------
> http://www.linkedin.com/in/akashm
> http://twitter.com/makash
> ----------------------------------------------------------
>
>
> ________________________________
> This e-mail contains information which is confidential and/or legally
> privileged. If you are not the intended recipient , you are hereby notified
> that any disclosure, copying, distribution or the taking of any action in
> reliance on the contents of this e-mail is strictly prohibited. If you have
> received this e-mail in error, please destroy it and notify us by reply
> e-mail or by telephone. Internet E-mail messages may be subject to delays,
> non-delivery and unauthorised alterations and we shall not be responsible
> for the consequence(s) in such event(s). All reasonable precautions have
> been taken to ensure no viruses are present in this E-mail. We cannot accept
> responsibility for loss or damage arising from the use of this E-mail or
> attachments and recommend that you subject these to your virus checking
> procedures prior to use.
>
> _______________________________________________
> Owasp-delhi mailing list
> Owasp-delhi at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-delhi
>
>



-- 
warm regards,
Akash Mahajan
----------------------------------------------------------
Security Consultant, (Web / Networks /
Servers / IT/ Virtualization)
Founder Headstart Network Foundation
----------------------------------------------------------
http://www.linkedin.com/in/akashm
http://twitter.com/makash
----------------------------------------------------------


More information about the Owasp-delhi mailing list