Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-dotnet-security
Awesome .NET Security Resources
https://github.com/guardrailsio/awesome-dotnet-security
Last synced: 3 days ago
JSON representation
-
Libraries
- .NET Core Security Headers - Middleware for adding security headers to an ASP.NET Core application.
- NetEscapades.AspNetCore.SecurityHeaders - Small package to allow adding security headers to ASP.NET Core websites.
- HtmlSanitizer - Cleans HTML to avoid XSS attacks.
- JWT .NET - Jwt.Net, a JWT (JSON Web Token) implementation for .NET.
- NWebsec - Security libraries for ASP.NET.
- AspNetSaml - SAML client library, allows adding SAML single-sign-on to your ASP.NET app.
- AspNetCoreRateLimit - Package that will let you set rate limits for your .NET Core Api.
-
Static Code Analysis
- Security Code Scan - Vulnerability Patterns Detector for C# and VB.NET.
- Puma Scan - Puma Scan is a .NET software secure code analysis tool providing real time, continuous source code analysis.
- DevSkim - DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities.
- SonarQube - SonarC# and SonarVB are static code analyser for C# and VB.NET languages used as an extension for the SonarQube and SonarCloud platforms. It will allow you to produce stable and easily supported code by helping you to find and to correct bugs, vulnerabilities and smells in your code.
-
Vulnerabilities and Security Advisories
- RetireNET - CLI extension to check your project for known vulnerabilities.
- OWASP Dependency Check - Detects publicly disclosed vulnerabilities in application dependencies.
- Audit.NET - Identify known vulnerabilities in .net NuGet dependencies.
- NuGet tool package - Nuget tool package for OWASP Dependency Check
- .NET Security Announcements - Watch this repo to receive security announcements in .NET Core
- Snyk Vulnerability DB - Commercial but free listing of known vulnerabilities in NuGet libraries.
- Common Vulnerabilities and Exposures - Vulnerabilities in .NET Core that were assigned a CVE.
- National Vulnerability Database - .NET related known vulnerabilities in the National Vulnerability Database.
- Snyk - CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies.
-
Hacking Playgrounds
- WebGoat.NET - OWASP WebGoat.NET
- Damn Vulnerable Thick Client App - DVTA is a Vulnerable Thick Client Application developed in C# .NET
- ASP.NET Vulnerable Site - Online .NET application that can be used to practice hacking.
-
Articles, Guides & Talks
- Anti-Request Forgery - Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks.
- Prevent Cross-Site Scripting - Prevent Cross-Site Scripting (XSS).
- Protect Secrets in Development - Safe storage of app secrets in development
- .NET Security Cheat Sheet - Quick, basic .NET security tips for developers.
- Hardening the security of your ASP.NET core apps - Lessons learned after a third-party penetration test.
- Security Headers - Adding Default Security Headers in .NET Core.
- The ASP.NET Core security headers guide - Another take on adding security headers in ASP.NET Core.
- Security Best Practices for ASP.NET MVC - Building Secure ASP.NET MVC Web Applications.
-
Reporting Bugs
Programming Languages
Categories
Sub Categories
Keywords
security
5
roslyn
2
static-analysis
2
static-code-analysis
2
c-sharp
2
asp-net-core
2
dotnet
2
aspnetcore
2
single-sign-on
1
sso
1
middleware
1
rate-limiting
1
analysis
1
analyzer
1
code
1
owasp
1
scan
1
saml2
1
saml-service-provider
1
saml
1
asp-net-mvc
1
asp-net
1
jwt
1
json
1
authorization
1
xss
1
sanitizer
1
html
1
vulnerabilities
1
snyk
1
monitor
1
visual-basic
1
static-analyzer
1
sonarqube
1
language-team
1
code-quality
1
vulnerability-detection
1
software-composition-analysis
1
security-audit
1
maven-plugin
1
jenkins-plugin
1
gradle-plugin
1
build-tool
1
ant-task
1
runtime
1
dotnetcore
1
dotnet-core
1
audit
1
visual-studio-extension
1
visual-studio-code-extension
1