This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Jump to: navigation, search
This historical page is now part of the OWASP archive.
This page contains content that is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were once valid but may now link to sites or pages that no longer exist.
Please use the newer Edition(s) like Category:OWASP_.NET_Project
Comment: These features are now built into the .NET Framework

Partial port of ModSecurity to the .Net Platform which includes the following features:


  • Validation of Cookies And Querystrings for the given rules,
  • Logging of the Response and Requests Of The Application
  • Automatic detection of the CodePage used in the WebApplication and prevention of the lowhigh unicode attack to the ASP.Net Applications.
  • Includes whole the features and some advances of the Validator.Net inside.
  • The filtration process is fully customizable over Web Browser and The Validation Process can be tracked over Web Browser.
  • Includes Automatic Application Unhandled Error Detection and Logging.
  • No need to change the code of the Application.
  • Implemented as a HttpModule.
  • Integrates with existing ASP.Net Web Applications
  • Can be easily configured using web.config