awesome-dotnet-security

Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks.

Lessons learned after a third-party penetration test.

Quick, basic .NET security tips for developers.

Prevent Cross-Site Scripting (XSS).

Safe storage of app secrets in development

Microsoft's take on secure coding guidelines.

Package that will let you set rate limits for your .NET Core Api.

SAML client library, allows adding SAML single-sign-on to your ASP.NET app.

Cleans HTML to avoid XSS attacks.

Jwt.Net, a JWT (JSON Web Token) implementation for .NET.

Middleware for adding security headers to an ASP.NET Core application.

Small package to allow adding security headers to ASP.NET Core websites.

Online .NET application that can be used to practice hacking.

DVTA is a Vulnerable Thick Client Application developed in C# .NET

A GitHub repository featuring an application with over 50 interactive security vulnerabilities.

OWASP WebGoat.NET

Identify known vulnerabilities in .net NuGet dependencies.

Vulnerabilities in .NET Core that were assigned a CVE.

.NET related known vulnerabilities in the National Vulnerability Database.

Watch this repo to receive security announcements in .NET Core

Nuget tool package for OWASP Dependency Check

Nuget tool package for OWASP Dependency Check

DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities.

Continuous verification platform that integrates tightly with leading version control systems.

Puma Scan is a .NET software secure code analysis tool providing real time, continuous source code analysis.

Vulnerability Patterns Detector for C# and VB.NET.

SonarC# and SonarVB are static code analyser for C# and VB.​NET languages used as an extension for the SonarQube and SonarCloud platforms. It will allow you to produce stable and easily supported code by helping you to find and to correct bugs, vulnerabilities and smells in your code.