Difference between revisions of ".NET Project Wishlist"

From OWASP
Jump to: navigation, search
(What articles, content or general feedback do you have for the OWASP .NET Project?)
(13 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== What articles, content or general feedback do you have for the OWASP .NET Project? ==
+
= What articles, content or general feedback do you have for the OWASP .NET Project? =
 +
 
 
Feel free to leave ideas here to improve this section of the OWASP site.  We hope to incorporate your suggestions into the .NET Project.  For more information on what we are doing now, please check out the [[OWASP .Net Project Roadmap]].
 
Feel free to leave ideas here to improve this section of the OWASP site.  We hope to incorporate your suggestions into the .NET Project.  For more information on what we are doing now, please check out the [[OWASP .Net Project Roadmap]].
  
 
Thank you for your contribution.
 
Thank you for your contribution.
  
'''Topics for Articles'''
 
  
*.NET Callbacks - Vulnerabilities and Remediation<br/>
+
==Guidance==
Suggested by Dinis Cruz<br/>
+
 
http://articles.techrepublic.com.com/5100-10878_11-6156749.html#
+
* Using Rfc2898DeriveBytes for PBKDF2
 +
* Windows Identity Foundation
 +
* [[AntiXssEncoder]]
 +
* DPAPI
 +
* Exception Handling
 +
* [[Anti CSRF Tokens ASP.NET]]
 +
* Memory Management
 +
* ClickOnce Deployment
 +
*.NET Callbacks - Vulnerabilities and Remediation
 +
* ASP.NET Request Validation
 +
* Dependency Injection
 +
* IoC containers
 +
* Threat Modelling
 +
 
 +
==Components==
 +
 
 +
Some of these are in the ESAPI, and perhaps should be broken into smaller more manageable projects
 +
 
 +
* Validator
 +
* Encoder
 +
* HTTP Utilities
 +
* HTML Sanitizer
  
 +
==Tools==
 +
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
  
 
[[Category:OWASP .NET Project]]
 
[[Category:OWASP .NET Project]]

Revision as of 18:56, 10 April 2014

What articles, content or general feedback do you have for the OWASP .NET Project?

Feel free to leave ideas here to improve this section of the OWASP site. We hope to incorporate your suggestions into the .NET Project. For more information on what we are doing now, please check out the OWASP .Net Project Roadmap.

Thank you for your contribution.


Guidance

  • Using Rfc2898DeriveBytes for PBKDF2
  • Windows Identity Foundation
  • AntiXssEncoder
  • DPAPI
  • Exception Handling
  • Anti CSRF Tokens ASP.NET
  • Memory Management
  • ClickOnce Deployment
  • .NET Callbacks - Vulnerabilities and Remediation
  • ASP.NET Request Validation
  • Dependency Injection
  • IoC containers
  • Threat Modelling

Components

Some of these are in the ESAPI, and perhaps should be broken into smaller more manageable projects

  • Validator
  • Encoder
  • HTTP Utilities
  • HTML Sanitizer

Tools