awesome-dotnet-security

.NET Security Resources

A curated collection of security resources and tools for .NET applications

Awesome .NET Security Resources

GitHub
506 stars
24 watching
53 forks
last commit: over 2 years ago
Linked from 1 awesome list

awesomeawesome-listdotnetdotnet-coredotnet-frameworksecuritysecurity-testingsecurity-toolsstatic-analysis

Tools / Libraries
.NET Core Security Headers 264 about 1 year ago Middleware for adding security headers to an ASP.NET Core application
NetEscapades.AspNetCore.SecurityHeaders 696 20 days ago Small package to allow adding security headers to ASP.NET Core websites
HtmlSanitizer 1,568 4 months ago Cleans HTML to avoid XSS attacks
JWT .NET 2,139 about 2 months ago Jwt.Net, a JWT (JSON Web Token) implementation for .NET
NWebsec 544 over 1 year ago Security libraries for ASP.NET
AspNetSaml 368 9 months ago SAML client library, allows adding SAML single-sign-on to your ASP.NET app
AspNetCoreRateLimit 3,119 4 months ago Package that will let you set rate limits for your .NET Core Api

Tools / Static Code Analysis
GuardRails Continuous verification platform that integrates tightly with leading version control systems
Security Code Scan 944 5 months ago Vulnerability Patterns Detector for C# and VB.NET
Puma Scan 446 about 2 years ago Puma Scan is a .NET software secure code analysis tool providing real time, continuous source code analysis
DevSkim 910 9 days ago DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities
SonarQube 796 about 1 month ago SonarC# and SonarVB are static code analyser for C# and VB.​NET languages used as an extension for the SonarQube and SonarCloud platforms. It will allow you to produce stable and easily supported code by helping you to find and to correct bugs, vulnerabilities and smells in your code

Tools / Vulnerabilities and Security Advisories
RetireNET 178 almost 3 years ago CLI extension to check your project for known vulnerabilities
OWASP Dependency Check 6,441 7 days ago Detects publicly disclosed vulnerabilities in application dependencies

Tools / Vulnerabilities and Security Advisories / OWASP Dependency Check
NuGet tool package Nuget tool package for OWASP Dependency Check

Tools / Vulnerabilities and Security Advisories
Audit.NET 55 about 1 year ago Identify known vulnerabilities in .net NuGet dependencies
Snyk 4,952 6 days ago CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies
.NET Security Announcements 1,293 over 2 years ago Watch this repo to receive security announcements in .NET Core
Snyk Vulnerability DB Commercial but free listing of known vulnerabilities in NuGet libraries
Common Vulnerabilities and Exposures Vulnerabilities in .NET Core that were assigned a CVE
National Vulnerability Database .NET related known vulnerabilities in the National Vulnerability Database

Educational / Hacking Playgrounds
WebGoat.NET 223 11 months ago OWASP WebGoat.NET
Damn Vulnerable Thick Client App 146 over 4 years ago DVTA is a Vulnerable Thick Client Application developed in C# .NET
ASP.NET Vulnerable Site Online .NET application that can be used to practice hacking

Educational / Articles, Guides & Talks
Anti-Request Forgery Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks
Prevent Cross-Site Scripting Prevent Cross-Site Scripting (XSS)
Protect Secrets in Development Safe storage of app secrets in development
.NET Security Cheat Sheet Quick, basic .NET security tips for developers
Hardening the security of your ASP.NET core apps Lessons learned after a third-party penetration test
Secure Coding Guidelines Microsoft's take on secure coding guidelines
Security Headers Adding Default Security Headers in .NET Core
The ASP.NET Core security headers guide Another take on adding security headers in ASP.NET Core
Security Best Practices for ASP.NET MVC Building Secure ASP.NET MVC Web Applications

Other / Reporting Bugs
Report a Security Issue

Backlinks from these awesome lists:

More related projects: