start with security
MVP
Silver Solution Partner
Certified Developer
- 2641
- 42722
- 1/21/2010
- United States
Hi,
It's little late response but it may be of help to someone.
There is no exact documentation for NopCommerce security it uses the standard security techniques for web applications that .NET framework gives you.
Here is a basic list of security techniques you could find in NopCommerce or come with .NET framework or you could find interesting.
AntiForgeryToken
Denial of Service
SSL
CORS
SQL Injection
Parameter Tampering
Command Injection
Session Management (http://www.securityninja.co.uk/secure-development/session-management/)
... and many more
You could find more about common attacks here.
You could try yourself common web exploits following the google Web Application Exploits and Defenses course.
You could find more about .NET security here
Hope this is of help!
It's little late response but it may be of help to someone.
There is no exact documentation for NopCommerce security it uses the standard security techniques for web applications that .NET framework gives you.
Here is a basic list of security techniques you could find in NopCommerce or come with .NET framework or you could find interesting.
AntiForgeryToken
Denial of Service
SSL
CORS
SQL Injection
Parameter Tampering
Command Injection
Session Management (http://www.securityninja.co.uk/secure-development/session-management/)
... and many more
You could find more about common attacks here.
You could try yourself common web exploits following the google Web Application Exploits and Defenses course.
You could find more about .NET security here
Hope this is of help!