List of Free code Security
Altairis Web Security Toolkit
Set of ASP.NET providers (Membership, Role, Profile) which can be bound to simple and highly configurable table structure on Microsoft SQL Server or use plain text file instead of database. Also includes basic authentication module for IIS 7.0
Asp.net Adhoc SQL Query Application
The Asp.net Adhoc SQL Query Application builds sql queries in a secure manner and prevents sql injection attacks. You configure db connections and sql queries in an XML file. The application supports select, execute, and sql batches. And you can output the results in a CVS file.
ASP.NET Tiny Security Providers
A pack of tiny (XML, Compact SQL etc) ASP.NET Membership, Role and Profile providers.
Ethical Hacking ASP.NET
Security tools and guidelines for white-hat hacking and protecting ASP.NET web applications.
The foundation library provides solutions to common development tasks in the areas logging, data access, web development (including ASP.NET MVC), and security.
Fxcop ASP.NET Security Rules
Fxcop ASP.NET security rules
This is a set of code analysis rules aiming at analyzing ASP.NET and ASP.NET MVC security against best practices. The rules can be used by Visual Studio 10 Ultimate or FxCop v10 standalone.
JMDCMS Content Management System
JMDCMS is a powerfull module based Content Management System. Written in ASP.net and C# with SQL Server as database. Flexible automatic 3Col, 2Col, 1Col layout. Page Level / Module Level security and publishing control. Search engine friendly URL with ability to Set Page Title...
The NWebsec security libraries for ASP.NET applications are built on the philosophy that security should be simple and maintainable.
patterns & practices Guidance Explorer
Guidance Explorer is a tool to find and use relevant patterns & practices guidance. Guidance Explorer installs with a guidance library including performance and security topics for .NET and ASP.NET applications. The guidance library contains checklists and guidelines covering des
An ASP.NET MVC custom attribute that allows the configuration of role based security access rules with similar functionality to the System.Web.Mvc.AuthorizeAttribute, but placed in a configuration file instead of hard-coded near the controller or actions.
Security Foundation -- WCF based SSO
This project was started as a WCF based SSO solution that serves ASP.NET websites (through membership providers ) and other winform / web services. Then we realized that we need to bring in claim-based funcitionalities and make it work as our own identity foundation.
Sholo.Web.Security contains several tools to improve the security of ASP.NET applications. Make FormsAuthentication stateful, strengthen FormsAuthTicket validation, detect & prevent Padding Oracle exploit, kick/ban users & IP's, detect multiple logins from different IP's, etc.