A graphic demonstration of information leakage through security misconfiguration
A couple of days back I wrote about how 67% of ASP.NET websites have serious configuration related security vulnerabilities [https://www.troyhunt.com/2012/04/67-of-aspnet-websites-have-serious.html]. In the post, I drew on figures collected by ASafaWeb [https://asafaweb.com] and observed that small misconfigurations in config files could very easily disclose information that could be leveraged to exploit the application. Quite a bit of discussion ensued through the comments, via Twitter and on...