Come recita l’introduzione del tool:
UrlScan is a tool that runs on IIS and monitors URL’s for suspicious parameters in the URL. It can be used to help alleviate SQL Injection, but it doesn’t alleviate you from practicing ASP.NET Security Best Practices.
Per the UrlScan Overview:
“UrlScan version 3.0 is a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) 6.0 will process. UrlScan screens all incoming requests to the server by filtering the requests based on rules that are set by the administrator. Filtering requests helps secure the server by ensuring that only valid requests are processed.”