views: 48
answers: 1

In an ASP.NET MVC project along with a test case project,

How does someone create a test case to test against existing security exploits on a controller method?

For example, how do you create a test case for a call that needs an anti-forgery token? Or XSS?

+1  A: 

The best way to test for XSS is by using a specialized tool for testing for these types of vulnerabilities. Wapiti and w3af are both good open source tools that can test for XSS, SQL Injection and worse vulnerabilities. Acunetix is easy to use but it is expensive, however the free edition will only test for XSS which is what you need: http://www.acunetix.com/cross-site-scripting/scanner.htm

I believe that by "anti-forgery token" you are referring to an XSRF protection system. I don't believe that an automated test can be created against XSRF. XSRF has absolutely nothing to do with the type of data being sent in a request, but rather where it is coming from. Tools have been written to test for XSRF and w3af has one of these tests. However, every automated XSRF test I have seen is COMPLETELY WORTHLESS. If you want an XSRF test done right you have to do it yourself: http://www.owasp.org/index.php/Testing_for_CSRF_%28OWASP-SM-005%29

Rook
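One thing that can be unit-tested in the test project the question mentions is whether the controller actions still carry the protection at all. The following is an added example, not code from the question, the answer or any ASP.NET MVC project: an NUnit test that sweeps every public `ActionResult` action on every controller in an assembly and reports those marked `[HttpPost]` but not `[ValidateAntiForgeryToken]`, so a developer cannot silently drop the attribute from a state-changing action. `AccountController`, its actions and the test names are constructed for the example; only `System.Web.Mvc` and NUnit types are real.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Web.Mvc;
using NUnit.Framework;

// Constructed sample controller (hypothetical; stands in for the real project).
public class AccountController : Controller
{
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult ChangePassword(string oldPassword, string newPassword)
    {
        return RedirectToAction("Index");
    }

    // Deliberately missing [ValidateAntiForgeryToken] so the sweep below flags it.
    [HttpPost]
    public ActionResult DeleteAccount(int id)
    {
        return RedirectToAction("Index");
    }

    // GET actions are not state-changing and are not expected to carry the token check.
    [HttpGet]
    public ActionResult Index()
    {
        return View();
    }
}

public static class AntiForgeryAudit
{
    // Returns "Controller.Action" for every POST action lacking [ValidateAntiForgeryToken].
    public static List<string> FindUnprotectedPostActions(Assembly assembly)
    {
        const BindingFlags actionFlags =
            BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly;

        return (from type in assembly.GetTypes()
                where typeof(Controller).IsAssignableFrom(type) && !type.IsAbstract
                from method in type.GetMethods(actionFlags)
                where typeof(ActionResult).IsAssignableFrom(method.ReturnType)
                where method.IsDefined(typeof(HttpPostAttribute), true)
                where !method.IsDefined(typeof(ValidateAntiForgeryTokenAttribute), true)
                select type.Name + "." + method.Name)
               .OrderBy(name => name)
               .ToList();
    }
}

[TestFixture]
public class AntiForgeryRegressionTests
{
    [Test]
    public void SweepFlagsOnlyTheUnprotectedPostAction()
    {
        var offenders = AntiForgeryAudit.FindUnprotectedPostActions(
            typeof(AccountController).Assembly);

        // ChangePassword is protected and Index is a GET, so only DeleteAccount is reported.
        Assert.That(offenders, Is.EquivalentTo(new[] { "AccountController.DeleteAccount" }));
    }
}
```

In a real project the assertion would be `Assert.IsEmpty(offenders, ...)` against the web assembly, so the build fails the moment a POST action is added or edited without the attribute. This only proves the attribute is present; as the answer says, whether the token check actually holds against a forged cross-site request still needs a manual test of the kind the OWASP page describes.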