[Owasp-leaders] WCF Question

Dennis Groves dennis.groves at owasp.org
Sat Jan 11 03:07:02 UTC 2014


Hello vreddy,


   1. You should review and understand the information found at
OWASP<https://www.owasp.org/index.php/WCF_Security_Best_Practices>
   .
   2. You should read The Microsoft Patterns and
Practices<https://wcfsecurity.codeplex.com/>
   .
   1. At least one of the Authors is a member of OWASP and listens in on
      the OWASP-Leaders list.
      2. They are likely to help you, but be prepared before asking
      questions.
      3. Do your homework and don't ask questions that can be googled and
      found with some effort on your part.
      4. For example:
      https://stackoverflow.com/questions/620333/whats-the-best-way-to-test-wcf-services
   3. The very best tool for testing WCF is OWASP
O2<https://www.owasp.org/index.php/OWASP_O2_Platform>;
   however the learning curve is very non-trivial.
      1. However, if your fluent in .NET; it has a 'REPL' allowing you to
      explore.
      2. Exploration is the best form of testing anyhow.


I hope this is helpful to you,


Dennis




On Fri, Jan 10, 2014 at 7:47 PM, Samantha Groves
<samantha.groves at owasp.org>wrote:

> Hello Leaders,
>
> I am hoping you can help me answer a question I recently received from
> Reddy, cced into this message. He asks:
>
> ######################
>
> What are the best tools available to test WCF services, and our WCF
> service is using net tcp binding? Thank you.
>
> ######################
>
> Thank you for your assistance, Leaders.
>
> SG
>
> --
>
> *Samantha Groves, MBA*
>
> *OWASP Projects Manager*
>
>
>  The OWASP Foundation
>
> Phoenix, USA
>
> Email: samantha.groves at owasp.org
>
> Skype: samanthahz
>
>
> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>
> Book a Meeting with Me <http://goo.gl/mZXdZ>
>
> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>
> New Project Application Form <http://www.tfaforms.com/263506>
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Dennis Groves <http://about.me/dennis.groves>, MSc
Email me, <dennis.groves at owasp.org> or schedule a meeting<http://goo.gl/8sPIy>
.
*This email is licensed under a CC BY-ND 3.0
<http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license.*
Stand up for your freedom to install free
software.<http://www.fsf.org/campaigns/secure-boot/statement>
Please do not send me Microsoft Office/Apple iWork documents.
Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!

<http://www.owasp.org/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140110/035faa42/attachment.html>


More information about the OWASP-Leaders mailing list