Monday, October 29, 2007

XSS detection tool for VS2005

Microsoft download has now a tool to detect XSS leaks in ASP.NET code.

XSSDetect is a static code analysis tool that helps identify Cross-Site Scripting security flaws found within Web applications. It is able to scan compiled managed assemblies (C#, Visual Basic .NET, J#) and analyze dataflow paths from sources of user-controlled input to vulnerable outputs. It also detects whether proper encoding or filtering has been applied to the data and will ignore such "sanitized" paths.

Friday, October 26, 2007

VS 2005 Tortoise Integration

For Visual Studio 2005, settings to work with TortoiseSVN within the GUI:

VS 2005 Tortoise Integration.