|
|
| (28 intermediate revisions by 2 users not shown) |
| Line 1: |
Line 1: |
| − | = Themes =
| |
| − | The themes of the .NET Project include:
| |
| − | * Deep, rich guidance for .NET developers in using the security features of .NET
| |
| − | * Guidance for use of OWASP components that are designed for use with .NET
| |
| − | * Information about working with and on OWASP tools built using .NET
| |
| | | | |
| − | = Features =
| |
| − |
| |
| − | Features are parts of the project at a very high level.
| |
| − |
| |
| − | == Guidance ==
| |
| − |
| |
| − | Guidance is documentation that assists .NET developers impleenting the security features of the framework. Current examples include:
| |
| − |
| |
| − | * The [[.NET Security Cheat Sheet]]
| |
| − | * [[.NET Penetration Testing]]
| |
| − |
| |
| − | Topics that require content creation include:
| |
| − |
| |
| − | * Rfc2898DeriveBytes for PBKDF2
| |
| − | * WIF
| |
| − | * AntiXssEncoder
| |
| − | * DPAPI
| |
| − | * Exception handling
| |
| − | * Anti CSRF
| |
| − | * Memory Management
| |
| − | * ClickOnce Deployment
| |
| − |
| |
| − | == Components ==
| |
| − |
| |
| − | Components are pieces of software that assist .NET developers in building more secure code. Many updates are needed:
| |
| − |
| |
| − | * ESAPI.NET
| |
| − | * .[[.Net CSRF Guard]]
| |
| − | * [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project_.NET AntiSamy .NET]
| |
| − |
| |
| − | == Projects that use .NET ==
| |
| − |
| |
| − | These are projects that happen to be built in .NET and could use .NET development assistance
| |
| − |
| |
| − | * O2
| |
| − | * WebGOAT.NET
| |
| − |
| |
| − | = Ideas =
| |
| − | | |
| | | | |
| | | | |
