This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of ".NET Project Wishlist"

From OWASP
Jump to: navigation, search
 
(3 intermediate revisions by the same user not shown)
Line 10: Line 10:
 
* Using Rfc2898DeriveBytes for PBKDF2
 
* Using Rfc2898DeriveBytes for PBKDF2
 
* Windows Identity Foundation
 
* Windows Identity Foundation
* AntiXssEncoder
+
* [[AntiXssEncoder]]
 
* DPAPI
 
* DPAPI
 
* Exception Handling
 
* Exception Handling
* Anti CSRF Tokens
+
* [[Anti CSRF Tokens ASP.NET]]
 
* Memory Management
 
* Memory Management
 
* ClickOnce Deployment
 
* ClickOnce Deployment
 
*.NET Callbacks - Vulnerabilities and Remediation
 
*.NET Callbacks - Vulnerabilities and Remediation
*ASP.NET Request Validation
+
* ASP.NET Request Validation
*Dependency Injection, IoC containers and Threat Modelling
+
* Dependency Injection
 +
* IoC containers
 +
* Threat Modelling
  
 
==Components==
 
==Components==
Line 24: Line 26:
 
Some of these are in the ESAPI, and perhaps should be broken into smaller more manageable projects
 
Some of these are in the ESAPI, and perhaps should be broken into smaller more manageable projects
  
* Validator
+
* Output Encoder
* Encoder
 
 
* HTTP Utilities
 
* HTTP Utilities
 
* HTML Sanitizer
 
* HTML Sanitizer
 +
* Unit Test Integration
 +
* Static Code Analysis
 +
 +
==Tools==
 +
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
 +
* [https://www.owasp.org/index.php/.NET_Web_Service_Validation .NET Web Service Validation]
  
 
[[Category:OWASP .NET Project]]
 
[[Category:OWASP .NET Project]]

Latest revision as of 21:39, 9 July 2014

What articles, content or general feedback do you have for the OWASP .NET Project?

Feel free to leave ideas here to improve this section of the OWASP site. We hope to incorporate your suggestions into the .NET Project. For more information on what we are doing now, please check out the OWASP .Net Project Roadmap.

Thank you for your contribution.


Guidance

  • Using Rfc2898DeriveBytes for PBKDF2
  • Windows Identity Foundation
  • AntiXssEncoder
  • DPAPI
  • Exception Handling
  • Anti CSRF Tokens ASP.NET
  • Memory Management
  • ClickOnce Deployment
  • .NET Callbacks - Vulnerabilities and Remediation
  • ASP.NET Request Validation
  • Dependency Injection
  • IoC containers
  • Threat Modelling

Components

Some of these are in the ESAPI, and perhaps should be broken into smaller more manageable projects

  • Output Encoder
  • HTTP Utilities
  • HTML Sanitizer
  • Unit Test Integration
  • Static Code Analysis

Tools