List of Errors Follow before Go Live a Site

http://www.dotnetnoob.com/2010/11/how-to-secure-aspnet-cookies.html

http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx

http://msdn.microsoft.com/en-us/library/ff648339.aspx

http://www.codeproject.com/Articles/573458/An-Absolute-Beginners-Tutorial-on-Cross-Site-Scrip

http://www.iis.net/downloads/microsoft/urlscan

http://weblogs.asp.net/scottgu/archive/2010/09/24/update-on-asp-net-vulnerability.aspx

http://www.rapid7.com/vulndb/lookup/spider-sensitive-form-data-autocomplete-enabled

　

A1: Injection

A2: Cross-Site Scripting (XSS)

A3: Broken Authentication and Session Management

A4: Insecure Direct Object References

A5: Cross-Site Request Forgery (CSRF)

A6: Security Misconfiguration

A7: Insecure Cryptographic Storage

A8: Failure to Restrict URL Access

A9: Insufficient Transport Layer Protection

A10: Unvalidated Redirects and Forwards