.net

Troy Hunt, a Microsoft MVP, has published a free security eBook for .NET developers.  He spent over a year researching these security vulnerabilities and ended up with a 250+ page eBook.  He describes in detail the following topics:

  1. Injection
  2. Cross-Site Scripting (XSS)
  3. Broken Authentication and Session Management
  4. Insecure Direct Object References
  5. Cross-Site Request Forgery (CSRF)
  6. Security Misconfiguration
  7. Insecure Cryptography Storage
  8. Failure to Restrict URL Access
  9. Insufficient Transport Layer Protection
  10. Unvalidated Redirects and Forwards

If  you are building websites on Microsoft’s .NET platform, do yourself a favor and check out Troy’s excellent OWASP Top 10 for .NET developers eBook here.