As a Web app penetration tester, you’ll sometimes need to assess the security posture of .NET Framework web apps. In a crystal-box assessment, you may have the opportunity to run the application locally in IIS Express. Of course, .NET Framework apps won’t run on your Linux guest. While it’s arguably…