OWASP .NET Active Projects

OWASP Projects
Note: The following releases are available on the dotNET section of the SourceForge OWASP Project pages


 * Owasp SiteGenerator (sponsored by Foundstone)
 * Owasp Report Generator
 * ANBS (Asp.Net Baseline Security) - includes the tools SAM'SHE (Security Analyzer for Microsoft's Shared Hosting Environments) and Online IIS Metabase Explorer
 * ASP.NET Reflector
 * ANSA (Asp.Net Security Analyzer) - first tool developed by Dinis Cruz that hilights the security problems of Full Trust Asp.Net code (contains Proof of Concept tests (i.e. exploits))
 * DefApp - Partial port of ModSecurity to the .Net Platform
 * Owasp FOSBBWAS (code name Beretta)
 * .Net Assembly Analyzer
 * OWASP Tiger
 * .Net CSRF Guard

The following OWASP projects are hosted on other project hosting sites:


 * OWASP ESAPI .NET

Active Project Workspaces

 * Task and Research projects
 * FXCop Ruleset
 * Sprajax
 * CSSpider
 * SCAN (Code Scanner)

Related Open Source Projects

 * Hacme Bank (Foundstone tool)
 * .NetMon (Foundstone tool)
 * Validator.NET (Foundstone tool)

Source Code Repositories
Any repository that allows public access and has terms of service that holds no claim on the content that our members upload is generally o.k. The following repos are popular among the members:


 * OWASP @ Codeplex
 * OWASP @ Google Code
 * OWASP @ SourceForge

Starting your own .NET Project
If you're interested in starting your own project, please read How to Start an OWASP Project. Remember to add the tag: to the end of new projects so that they're properly categorized.