I gave my Pentesting ASP.NET talk at Safelite today, celebrating the 20th presentation of this deck. It's a good talk, I'm glad so many people like it. I know I'll be delivering it at the Louisville .NET user group in June, and there is probably some others that I am forgetting.
Anyway, there was a request for some links that I talk about diring that talk, so here they are:
The Secure Coding Practice Quick Reference Guide
The OWASP Top 10 Cheat Sheet
Troy Hunt's OWASP Top 10 ASP.NET blog series - probably the best writing on the topic ever. No foolin.
The Zed Attack Proxy
SET - The Social Engineer's Toolkit
Oh, and here are the sites for Defcon, Derbycon and Notacon, too.