ASP.NET Core 5 Secure Coding Cookbook, published by Packt

Primary language: C#. License: MIT.

ASP.NET Core 5 Secure Coding Cookbook

This is the code repository for ASP.NET Core 5 Secure Coding Cookbook, published by Packt.

Practical recipes for tackling vulnerabilities in your ASP.NET web applications

What is this book about?

ASP.NET Core developers are often presented with security test results showing the vulnerabilities found in their web apps. While the report may provide some high-level fix suggestions, it does not specify the exact steps that you need to take to resolve or fix weaknesses discovered by these tests.

This book covers the following exciting features:

  • Understand techniques for squashing an ASP.NET Core web app security bug
  • Discover different types of injection attacks and understand how you can prevent this vulnerability from being exploited
  • Fix security issues in code relating to broken authentication and authorization
  • Eliminate the risks of sensitive data exposure by getting up to speed with numerous protection techniques
  • Prevent security misconfiguration by enabling ASP.NET Core web application security features
  • Explore other ASP.NET web application vulnerabilities and secure coding best practices

If you feel this book is for you, get your copy today!

Instructions and Navigations

All of the code is organized into folders. For example, Chapter02.

The code will look like the following:

  if (result.Succeeded)
  {
    _logger.LogInformation("User logged in.");
    return LocalRedirect(returnUrl);
  }

Following is what you need for this book: This ASP.NET Core 5 book is for intermediate-level ASP.NET Core web developers and software engineers who use the framework to develop web applications and are looking to focus on their security using coding best practices. The book is also for application security engineers, analysts, and specialists who want to know more about securing ASP.NET Core using code and understand how to resolve issues identified by the security tests they perform daily.

With the following software and hardware list you can run all code files present in the book (Chapter 1-13).

Software and Hardware List

| Chapter | Software required | OS required |
| --- | --- | --- |
| 1-10 | .NET 5.0, Visual Studio Code, Git, ASP.NET Core Razor Pages, SQLite database engine | Windows, Mac OS X, and Linux (Any) |
| 2, 12 | MongoDB | Windows, Mac OS X, and Linux (Any) |
| 5 | XML | Windows, Mac OS X, and Linux (Any) |
| 9 | DevSkim VSCode extension | Windows, Mac OS X, and Linux (Any) |
| 10 | Retire.js browser extension | Windows, Mac OS X, and Linux (Any) |

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. Click here to download it.

Get to Know the Author

Roman Canlas is a Senior Application Security Engineer working at a Fortune 500 company where he successfully established its global Application Security program from the ground up. His years of experience as a developer led him to be an expert in Secure Code reviews and Static Application Security testing, focusing on web technologies.

Roman held multiple certifications: the GIAC Web Application Penetration Tester (GWAPT), ISC2's Certified Secure Software Lifecycle Professional (CSSLP), and EC-Council's Certified Application Security Engineer in .NET (CASE.NET).

Roman also has a Master's degree in Information Systems and a Bachelor's in Computer Science.

Download a free PDF

If you have already purchased a print or Kindle version of this book, you can get a DRM-free PDF version at no cost.
Simply click on the link to claim your free PDF.

https://packt.link/free-ebook/9781801071567