Browse by Tags

• Code Inspection
• Development Phase
• End User
• Inception Phase
• Security
• Sensitive Data
• Test Phase
• Tools

Calculate Security Breach Cost Yourself

That is both amazing and amusing (I will leave "why" to myself....) but now CxO does not have to think twice whether security services are too expensive. Check out this Security Breach Cost Calculator. via http://news.com.com/2061-10789_3-6176074.html?part=rss&tag=2063-10789_3-0&subj=news Read More...

Posted 19 April 07 10:35 by alikl | 1 Comments   
Filed under Security, Information Gathering, Inception Phase

Code Inspection - First Look For What To Look For

Reposted from Security Code Inspection - First Look For What To Look For for further reuse on this blog. I found it extremely productive to first look for strings in the code. But what strings to look for? And how to look for the strings? Looking into Read More...

Posted 20 March 07 10:13 by alikl | 8 Comments   
Filed under Test Phase, Security, Information Gathering, Sensitive Data, Tools, Code Inspection, Development Phase

I Invite You To Rob Me

Is not it usual OOF message we put? "OOF until <<here comes date>> visiting customers in <<12 hours flight from home>>" In other words, until the date you are invited to break into my office, house, and car. Here are some guidelines Read More...

Posted 09 March 07 04:26 by alikl | 1 Comments   
Filed under Test Phase, Security, Information Gathering, End User

Google Hacking

It is not hacking Google but using Google to hack others Got practical guide? - Sure: Got some tooling? - Sure: SiteDigger™ Can I do it with Live Search? - Sure: This is How They will Hack Your Web Site What do I do to get protected????! Proactive Security Read More...

Posted 06 March 07 07:33 by alikl | 3 Comments   
Filed under Test Phase, Security, Information Gathering

Google Code Search - Different Perspective

Google launches a special treat just for developers ... I'd like to present it from some different perspective. Imagine you provide search criteria as follows: " Initial Catalog " - try it. What do you see? More like these here Doesn't it make you want Read More...

Posted 05 March 07 08:56 by alikl | 1 Comments   
Filed under Test Phase, Security, Information Gathering, Sensitive Data

Search

This Blog

• Home
• Email

Tags

• Agile
• AJAX
• Auditing and Logging
• Authentication
• Authorization
• CardSpace
• CAS
• Code Inspection
• Consulting
• Deployment Inspection
• Deployment Phase
• Development Phase
• End User
• Exception Handling
• Fuzzing
• IIS 7
• Implementation
• Inception Phase
• Information Gathering
• Input Validation
• Interop
• Operations
• Performance
• Planning Phase
• Practices
• Reflection
• Security
• Sensitive Data
• SharePoint
• Test Phase
• Threading
• Threat Modeling
• Tools
• Video
• Vista
• VSTS
• WCF

Archives

• November 2008 (8)
• October 2008 (6)
• September 2008 (4)
• August 2008 (1)
• July 2008 (7)
• June 2008 (5)
• May 2008 (4)
• April 2008 (4)
• March 2008 (3)
• February 2008 (3)
• January 2008 (10)
• December 2007 (6)
• November 2007 (4)
• October 2007 (11)
• September 2007 (4)
• August 2007 (6)
• July 2007 (8)
• June 2007 (3)
• May 2007 (21)
• April 2007 (25)
• March 2007 (25)

. My Personal Blog .

• Practice This

.Net Performance How To's

• Improving .NET Application Performance and Scalability
• Exceptional Performance
• Performance Testing Guidance How-To's
• Fiddler PowerToy - Part 2: HTTP Performance
• Performance Testing with Fiddler
• Bottleneck-Detection Counters
• Troubleshooting Performance Problems in SQL Server 2005
• Performance Frame - v2

.Net Security How To's

• patterns & practices Security How To's Index
• ASP.NET 2.0 Security Questions and Answers
• Tamper detection
• Authentication Hub
• VSTS Resources
• Architecture and Design checklists
• Securing Sites with IP Address Restrictions
• WCF - XSD validation for WCF services
• WCF - Message Inspectors
• Using Credential Management in Windows XP and Windows Server 2003
• WCF - Common Security Scenarios
• WCF - Authorization
• Validating XML Data with XmlReader
• Input Validation - XML Data
• Validation - Web Client Software Factory
• patterns & practices WCF Security Application Scenarios
• Microsoft Identity and Access Management Series

Design Patterns

• data & object factory
• Yahho Design Pattern Library
• Sample .Net 3.0 app
• Application Architecture for .NET: Designing Applications and Services
• Litware HR - A Multitenant sample application
• Microsoft .NET Pet Shop 4.0
• Responsive Composite Web Client Reference Implementation
• Table of Contents: Introduction to CAB/SCSF
• ASP.NET Quickstarts
• Microsoft Identity and Access Management Series
• Software design patterns

Impactful

• Super Size Me
• Billy Eliot
• The Legend of 1900
• The Terminal
• The Counterfeiters

Lifecycle Phases

• 5. Deployment Phase
• 3. Development Phase
• 4. Test Phase
• 1. Inception Phase
• 2. Planning Phase

Popular

• My Favorite Shortcuts
• My Pipeline Is My Inbox
• Security .Net Code Inspection Using Outlook 2007
• Security Code Inspection - Eternal Search For SQL Injection
• .Net Assembly Spoof Attack
• Code Inspection - First Look For What To Look For
• How To Hack WCF - New Technology, Old Hacking Tricks
• Generate Documents Out Of Mail Items Directly From Outlook 2007
• ARCast With Ron Jacobs - Defending the Application
• How to Use Outlook 2007 RSS To Effectively Aggregate And Distill Information

Tools

• Fiddler2 Web Debugger - Freeware HTTP(S) debugging tool
• Microsoft Network Monitor 3
• FxCop Team Page
• Microsoft Threat Analysis & Modeling
• Windows Sysinternals tools
• Log Parser 2.2
• p&p Practices Checker - performance
• Microsoft ® Windows Server ™ 2003 Performance Advisor
• Ajax View
• WCat 6.3 (x86)
• Funnel Web Analyzer 5.0 for Windows

Syndication

• RSS 2.0
• Atom 1.0