This is the code repository for ASP.NET Core 5 Secure Coding Cookbook, published by Packt.
Practical recipes for tackling vulnerabilities in your ASP.NET web applications
ASP.NET Core developers are often presented with security test results showing the vulnerabilities found in their web apps. While the report may provide some high-level fix suggestions, it does not specify the exact steps that you need to take to resolve or fix weaknesses discovered by these tests.
This book covers the following exciting features:
- Understand techniques for squashing an ASP.NET Core web app security bug
- Discover different types of injection attacks and understand how you can prevent this vulnerability from being exploited
- Fix security issues in code relating to broken authentication and authorization
- Eliminate the risks of sensitive data exposure by getting up to speed with numerous protection techniques
- Prevent security misconfiguration by enabling ASP.NET Core web application security features
- Explore other ASP.NET web application vulnerabilities and secure coding best practices
If you feel this book is for you, get your copy today!
All of the code is organized into folders. For example, Chapter02.
The code will look like the following:
```
if (result.Succeeded)
{
    _logger.LogInformation("User logged in.");
    return LocalRedirect(returnUrl);
}
```
Following is what you need for this book: This ASP.NET Core 5 book is for intermediate-level ASP.NET Core web developers and software engineers who use the framework to develop web applications and are looking to focus on their security using coding best practices. The book is also for application security engineers, analysts, and specialists who want to know more about securing ASP.NET Core using code and understand how to resolve issues identified by the security tests they perform daily.
With the following software and hardware list you can run all code files present in the book (Chapter 1-13).
Chapter | Software required | OS required |
---|---|---|
1-10 | .NET 5.0, Visual Studio Code, Git, ASP.NET Core Razor Pages, SQLite database engine | Windows, Mac OS X, and Linux (Any) |
2, 12 | MongoDB | Windows, Mac OS X, and Linux (Any) |
5 | XML | Windows, Mac OS X, and Linux (Any) |
9 | DevSkim VSCode extension | Windows, Mac OS X, and Linux (Any) |
10 | Retire.js browser extension | Windows, Mac OS X, and Linux (Any) |
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. Click here to download it.
- An Atypical ASP.NET Core 5 Design Patterns Guide [Packt] [Amazon]
- ASP.NET Core 5 and Angular - Fourth Edition [Packt] [Amazon]
Roman Canlas is a Senior Application Security Engineer working at a Fortune 500 company where he successfully established its global Application Security program from the ground up. His years of experience as a developer led him to be an expert in Secure Code reviews and Static Application Security testing, focusing on web technologies.
Roman held multiple certifications: the GIAC Web Application Penetration Tester (GWAPT), ISC2's Certified Secure Software Lifecycle Professional (CSSLP), and EC-Council's Certified Application Security Engineer in .NET (CASE.NET).
Roman also has a Master's degree in Information Systems and a Bachelor's in Computer Science.
If you have already purchased a print or Kindle version of this book, you can get a DRM-free PDF version at no cost.
Simply click on the link to claim your free PDF.