This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP .Net Project Roadmap"

From OWASP
Jump to: navigation, search
Line 16: Line 16:
 
* .NET Penetration Testing
 
* .NET Penetration Testing
  
Current plans include:
+
Topics that require content creation include:
  
 
* Rfc2898DeriveBytes for PBKDF2
 
* Rfc2898DeriveBytes for PBKDF2

Revision as of 00:20, 30 March 2014

Themes

The themes of the .NET Project include:

  • Deep, rich guidance for .NET developers in using the security features of .NET
  • Guidance for use of OWASP components that are designed for use with .NET
  • Information about working with and on OWASP tools built using .NET

Features

Features are parts of the project at a very high level.

Guidance

Guidance is documentation that assists .NET developers impleenting the security features of the framework. Current examples include:

  • The .NET Security Cheat Sheet
  • .NET Penetration Testing

Topics that require content creation include:

  • Rfc2898DeriveBytes for PBKDF2
  • WIF
  • AntiXssEncoder
  • DPAPI
  • Exception handling
  • Anti CSRF
  • Memory Management
  • ClickOnce Deployment

Components

Components are pieces of software that assist .NET developers in building more secure code. Many updates are needed:

  • ESAPI.NET
  • .NET CSRF Guard
  • AntiSamy .NET

Projects that use .NET

These are projects that happen to be built in .NET and could use .NET development assistance

  • O2
  • WebGOAT.NET

Ideas

Please send your ideas to the OWASP.Net mailing list ([email protected])