Learn how to secure your ASP.NET Core web app through robust and secure code Key FeaturesDiscover the different types of security weaknesses in ASP.NET Core web applications and learn how to fix themUnderstand what code makes an ASP.NET Core web app unsafeBuild your secure coding knowledge by following straightforward recipesBook Description ASP.NET Core developers are often presented with security test results showing the vulnerabilities found in their web apps. While the report may provide some high-level fix suggestions, it does not specify the exact steps that you need to take to resolve or fix weaknesses discovered by these tests. In ASP.NET Secure Coding Cookbook, you'll start by learning the fundamental concepts of secure coding and then gradually progress to identifying common web app vulnerabilities in code. As you progress, you'll cover recipes for fixing security misconfigurations in ASP.NET Core web apps. The book further demonstrates how you can resolve different types of Cross-Site Scripting. A dedicated section also takes you through fixing miscellaneous vulnerabilities that are no longer in the OWASP Top 10 list. This book features a recipe-style format, with each recipe containing sample unsecure code that presents the problem and corresponding solutions to eliminate the security bug. You'll be able to follow along with each step of the exercise and use the accompanying sample ASP.NET Core solution to practice writing secure code. By the end of this book, you'll be able to identify unsecure code causing different security flaws in ASP.NET Core web apps and you'll have gained hands-on experience in removing vulnerabilities and security defects from your code. What you will learnUnderstand techniques for squashing an ASP.NET Core web app security bugDiscover different types of injection attacks and understand how you can prevent this vulnerability from being exploitedFix security issues in code relating to broken authentication and authorizationEliminate the risks of sensitive data exposure by getting up to speed with numerous protection techniquesPrevent security misconfiguration by enabling ASP.NET Core web application security featuresExplore other ASP.NET web application vulnerabilities and secure coding best practicesWho this book is for This ASP.NET Core book is for intermediate-level ASP.NET Core web developers and software engineers who use the framework to develop web applications and are looking to focus on their security using coding best practices. The book is also for application security engineers, analysts, and specialists who want to know more about securing ASP.NET Core using code and understand how to resolve issues identified by the security tests they perform daily.

Quickly find solutions to common web development problems. Content is presented in the popular problem-solution format. Look up the problem that you want to solve. Read the solution. Apply the solution directly in your own code. Problem solved! ASP.NET Core Recipes is a practical guide for developers creating modern web applications, cutting through the complexities of ASP.NET, jQuery, React, and HTML5 to provide straightforward solutions to common web development problems using proven methods based on best practices. The problem-solution approach gets you in, out, and back to work quickly while deepening your understanding of the underlying platform and how to develop with it. Author John Ciliberti guides you through the MVC framework and development tools, presenting typical challenges, along with code solutions and clear, concise explanations, to accelerate application development. Solve problems immediately by pasting in code from the recipes, or put multiple recipe solutions together to overcome challenging development obstacles. What You'll Learn Take advantage of MVC's streamlined syntax Discover how to take full control over HTML Develop a simple API for creating RESTful web services Understand test-driven development Migrate a project from ASP.NET web forms to Core MVC, including recipes for converting DataGrids, Forms, Web Parts, Master Pages, and navigation controls Use Core MVC in combination with popular JavaScript libraries, including jQuery, React, Bootstrap, and more Write unit tests for your MVC controllers, views, custom filters, and HTML helpers Utilize the latest features in Visual Studio 2017 to accelerate your Core MVC projects Identify performance bottlenecks in your MVC application Who This Book Is For Web developers of all skill levels who are looking for a programming reference for ASP.NET Core MVC and would like to gain an understanding of the inner workings of the platform. In addition, parts of this book provide guidance to developers familiar with ASP.NET Web Forms who would like to update their skill set to include Core MVC.

Secure your ASP.NET applications before you get hacked! This practical guide includes secure coding techniques with annotated examples and full coverage of built-in ASP.NET Core security tools. In ASP.NET Core Security, you will learn how to: Understand and recognize common web app attacks Implement attack countermeasures Use testing and scanning tools and libraries Activate built-in browser security features from ASP.NET Take advantage of .NET and ASP.NET Core security APIs Manage passwords to minimize damage from a data leak Securely store application secrets ASP.NET Core Security teaches you the skills and countermeasures you need to keep your ASP.NET Core apps secure from the most common web application attacks. With this collection of practical techniques, you will be able to anticipate risks and introduce practices like testing as regular security checkups. You’ll be fascinated as the author explores real-world security breaches, including rogue Firefox extensions and Adobe password thefts. The examples present universal security best practices with a sharp focus on the unique needs of ASP.NET Core applications. About the technology Your ASP.NET Core applications are under attack now. Are you ready? Th ere are specific countermeasures you can apply to keep your company out of the headlines. This book demonstrates exactly how to secure ASP.NET Core web applications, including safe browser interactions, recognizing common threats, and deploying the framework’s unique security APIs. About the book ASP.NET Core Security is a realistic guide to securing your web applications. It starts on the dark side, exploring case studies of cross-site scripting, SQL injection, and other weapons used by hackers. As you go, you’ll learn how to implement countermeasures, activate browser security features, minimize attack damage, and securely store application secrets. Detailed ASP.NET Core code samples in C# show you how each technique looks in practice. What's inside Understand and recognize common web app attacks Testing tools, helper libraries, and scanning tools Activate built-in browser security features Take advantage of .NET and ASP.NET Core security APIs Manage passwords to minimize damage from a data leak About the reader For experienced ASP.NET Core web developers. About the author Christian Wenz is a web pioneer, consultant, and entrepreneur. Table of Contents PART 1 FIRST STEPS 1 On web application security PART 2 MITIGATING COMMON ATTACKS 2 Cross-site scripting (XSS) 3 Attacking session management 4 Cross-site request forgery 5 Unvalidated data 6 SQL injection (and other injections) PART 3 SECURE DATA STORAGE 7 Storing secrets 8 Handling passwords PART 4 CONFIGURATION 9 HTTP headers 10 Error handling 11 Logging and health checks PART 5 AUTHENTICATION AND AUTHORIZATION 12 Securing web applications with ASP.NET Core Identity 13 Securing APIs and single page applications PART 6 SECURITY AS A PROCESS 14 Secure dependencies 15 Audit tools 16 OWASP Top 10

Learn to implement ASP.NET Core features to build effective software that can be scaled and maintained easily Key Features Practical solutions to recurring issues in the web development world Recipes on the latest features of ASP.Net Core 2.0 Coverage of Bootstrap, Angular, and JavaScript lets you supercharge your frontend Book Description The ASP.NET Core 2.0 Framework has been designed to meet all the needs of today’s web developers. It provides better control, support for test-driven development, and cleaner code. Moreover, it’s lightweight and allows you to run apps on Windows, OSX and Linux, making it the most popular web framework with modern day developers. This book takes a unique approach to web development, using real-world examples to guide you through problems with ASP.NET Core 2.0 web applications. It covers Visual Studio 2017- and ASP.NET Core 2.0-specifc changes and provides general MVC development recipes. It explores setting up .NET Core, Visual Studio 2017, Node.js modules, and NuGet. Next, it shows you how to work with Inversion of Control data pattern and caching. We explore everyday ASP.NET Core MVC 2.0 patterns and go beyond it into troubleshooting. Finally, we lead you through migrating, hosting, and deploying your code. By the end of the book, you’ll not only have explored every aspect of ASP.NET Core MVC 2.0, you’ll also have a reference you can keep coming back to whenever you need to get the job done. What you will learn Build ASP.Net Core 2.0 applications using HTTP services with WebApi Learn to unit-test, load test, and perform test applications using client-side and server-side frameworks Debug, monitor and troubleshoot ASP.Net Core 2.0 applications using popular tools Reuse components with NuGet and create modular components with middleware Create applications using client-side technologies such as HTML5, JavaScript, jQuery, and Angular Build responsive and dynamic UIs for your MVC apps using Bootstrap Leverage tools like Karma, Jasmine, QUnit, xUnit, Selenium, Microsoft Fakes, and Visual Studio 2017 Enterprise Who this book is for This book is written for the ASP.NET developer who wants to deliver professional-standard software, quickly and efficiently. It's filled with hands-on recipes, practical advice, and guidance to help developers with every aspect of the ASP.NET development cycle. Whether you've just started out or are a seasoned pro, the Asp.Net Core 2.0 Cookbook is written for you.

Build robust modern web applications using .NET 5, Entity Framework Core, and Angular 11 Key FeaturesUpdated with the latest features and additions in ASP.NET Core 5 and Angular 11Design, build, and deploy a Single Page Application or Progressive Web AppAdopt a full stack approach to handle data management, Web APIs, application design, testing, SEO, security, and deploymentBook Description Learning full-stack development calls for knowledge of both front-end and back-end web development. ASP.NET Core 5 and Angular, Fourth Edition will enhance your ability to create, debug, and deploy efficient web applications using ASP.NET Core and Angular. This revised edition includes coverage of the Angular routing module, expanded discussion on the Angular CLI, and detailed instructions for deploying apps on Azure, as well as both Windows and Linux. Taking care to explain and challenge design choices made throughout the text, Valerio teaches you how to build a data model with Entity Framework Core, alongside utilizing the Entity Core Fluent API and EntityTypeConfiguration class. You’ll learn how to fetch and display data and handle user input with Angular reactive forms and front-end and back-end validators for maximum effect. Later, you will perform advanced debugging and explore the unit testing features provided by xUnit.net (.NET 5) and Jasmine, as well as Karma for Angular. After adding authentication and authorization to your apps, you will explore progressive web applications (PWAs), learning about their technical requirements, testing, and converting SWAs to PWAs. By the end of this book, you will understand how to tie together the front end and back end to build and deploy secure and robust web applications. What you will learnImplement a web API interface with ASP.NET Core and consume it with Angular using RxJS observablesSet up an SQL database server using a local instance or a cloud data storePerform C# and TypeScript debugging using Visual Studio 2019Create TDD and BDD unit tests using xUnit, Jasmine, and KarmaPerform DBMS structured logging using third-party providers such as SeriLogDeploy web apps to Windows and Linux web servers, or Azure App Service, using IIS, Kestrel, and nginxWho this book is for This book is for experienced ASP.NET developers who already possess some familiarity with ASP.NET Core and Angular and are looking to learn how to use them effectively together. The fully documented code samples (also available on GitHub) and the step-by-step implementation tutorials make this book easy to follow.

A practical guide to building and upgrading new and legacy applications on cloud-native platforms using architectural best practices with .NET 5, C# 9, microservices, and ML.NET Key FeaturesGet up to speed with .NET 5's new improvements and featuresDiscover how to improve existing code design and enhance software maintainabilityExplore explanations and techniques for making programs easier to understand and changeBook Description .NET 5 is the unification of all .NET technologies in a single framework that can run on all platforms and provide a consistent experience to developers, regardless of the device, operating system (OS), or cloud platform they choose. By updating to .NET 5, you can build software that can quickly adapt to the rapidly changing demands of modern consumers and stay up to date on the latest technology trends in .NET. This book provides a comprehensive overview of all the technologies that will form the future landscape of .NET using practical examples based on real-world scenarios, along with best practices to help you migrate from legacy platforms. You’ll start by learning about Microsoft’s vision and rationale for the unification of the platforms. Then, you’ll cover all the new language enhancements in C# 9. As you advance, you’ll find out how you can align yourself with modern technology trends, focusing on everything from microservices to orchestrated containerized deployments. Finally, you’ll learn how to effectively integrate machine learning in .NET code. By the end of this .NET book, you’ll have gained a thorough understanding of the .NET 5 platform, together with a readiness to adapt to future .NET release cycles, and you’ll be able to make architectural decisions about porting legacy systems and code bases to a newer platform. What you will learnExplore the key performance improvement areas when migrating to modern architecturesUnderstand app design and development using .NET 5Discover how to shift from legacy to modern application design using microservices and cloud-native architectureExplore common migration pitfalls and make the right decisions in situations where multiple options are availableUnderstand the process of deploying .NET 5 code on serverless and containerized hosts, along with its benefitsFind out what ML.NET has to offer and build .NET apps that use machine learning servicesWho this book is for This book is for experienced developers as well as software architects who are looking to gain knowledge of the new features and capabilities of .NET 5, along with guidance on modern architectural patterns. If you’re a developer who has previously worked on .NET, WPF, ASP.NET, Entity Framework, or other popular .NET libraries, this book will help you understand the migration process for their modern counterparts. Although experience with .NET Core is not required, working knowledge of the C# language and .NET framework is assumed.

Build on your existing programming skills and upskill to professional-level C# programming. Summary In Code Like A Pro in C# you will learn: Unit testing and test-driven development Refactor a legacy .NET codebase Principles of clean code Essential backend architecture skills Query and manipulate databases with LINQ and Entity Framework Core Critical business applications worldwide are written in the versatile C# language and the powerful .NET platform, running on desktops, cloud systems, and Windows or Linux servers. Code Like a Pro in C# makes it easy to turn your existing abilities in C# or another OO language (such as Java) into practical C# mastery. There’s no “Hello World” or Computer Science 101 basics—you’ll learn by refactoring an out-of-date legacy codebase, using new techniques, tools, and best practices to bring it up to modern C# standards. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology You know the basics, now get ready for the next step! Pro-quality C# code is efficient, clean, and fast. Whether you’re building user-facing business applications or writing data-intensive backend services, the experience-based, practical techniques in this book will take your C# skills to a new level. About the book Code Like a Pro in C# teaches you to how write clean C# code that’s suitable for enterprise applications. In this book, you’ll refactor a legacy codebase by applying modern C# techniques. You’ll explore tools like Entity Framework Core, design techniques like dependency injection, and key practices like testing and clean coding. It’s a perfect path to upgrade your existing C# skills or shift from another OO language into C# and the .NET ecosystem. What's inside Unit testing and test-driven development Refactor a legacy .NET codebase Principles of clean code Query and manipulate databases with LINQ and Entity Framework Core About the reader For developers experienced with object-oriented programming. No C# experience required. About the author Jort Rodenburg is a software engineer who has taught numerous courses on getting up to speed with C# and .NET. Table of Contents PART 1 USING C# AND .NET 1 Introducing C# and .NET 2 .NET and how it compiles PART 2 THE EXISTING CODEBASE 3 How bad is this code? 4 Manage your unmanaged resources! PART 3 THE DATABASE ACCESS LAYER 5 Setting up a project and database with Entity Framework Core PART 4 THE REPOSITORY LAYER 6 Test-driven development and dependency injection 7 Comparing objects 8 Stubbing, generics, and coupling 9 Extension methods, streams, and abstract classes PART 5 THE SERVICE LAYER 10 Reflection and mocks 11 Runtime type checking revisited and error handling 12 Using IAsyncEnumerable and yield return PART 6 THE CONTROLLER LAYER 13 Middleware, HTTP routing, and HTTP responses 14 JSON serialization/deserialization and custom model binding

ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP. With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols you’re familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with. Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with – if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book. What you’ll learn Identity management and cryptography HTTP basic and digest authentication and Windows authentication HTTP advanced concepts such as web caching, ETag, and CORS Ownership factors of API keys, client X.509 certificates, and SAML tokens Simple Web Token (SWT) and signed and encrypted JSON Web Token (JWT) OAuth 2.0 from the ground up using JWT as the bearer token OAuth 2.0 authorization codes and implicit grants using DotNetOpenAuth Two-factor authentication using Google Authenticator OWASP Top Ten risks for 2013Who this book is for No prior experience of .NET security is needed to read this book. All security related concepts will be introduced from first-principles and developed to the point where you can use them confidently in a professional environment. A good working knowledge of and experience with C# and the .NET framework are the only prerequisites to benefit from this book. Table of Contents Welcome to ASP.NET Web API Building RESTful Services Extensibility Points HTTP Anatomy and Security Identity Management Encryption and Signing Custom STS through WIF Knowledge Factors Ownership Factors Web Tokens OAuth 2.0 Using Live Connect API OAuth 2.0 From the Ground Up OAuth 2.0 Using DotNetOpenAuth Two-Factor Authentication Security Vulnerabilities Appendix: ASP.NET Web API Security Distilled

Learn to develop secure, optimized, well-designed web applications in ASP.NET Core and get ready for job interviews. KEY FEATURES ● Simplified demonstration of ASP.NET Core UI and service development, with expert-led implementation. ● In-depth coverage on async programming, application security, and performance optimization. ● Interview guide with extensive questions based on concepts and techniques around application development. DESCRIPTION ASP.NET Core for JobSeekers is a practical resource for application developers and web developers who want to advance their careers. This book teaches you how to use ASP.NET Core to create web applications without a prior understanding of web application development. We develop our first web application and demonstrate how to execute, debug, and deploy them using ASP.NET Core. We'll start by creating our first web pages with the Razor and then create a simple phonebook application. Next, you will be exposed to the MVC design pattern and explore the simplicity of developing web pages using Razor. Moving on, you learn to construct and consume restful services with ASP.NET Core. Concepts and techniques include async/await pattern, middlewares, programming a pipeline, redirecting requests, and intercepting requests and responses. This book also houses dependency injection techniques, action filters, accessing data using Entity Framework Core, and proven approaches for creating databases. Toward the end, you'll learn about some of the most important components, such as improving performance, choosing the right architecture for an application program, and answering a slew of interview questions about ASP.NET Core and application development. WHAT YOU WILL LEARN ● Learn to set up the application development environment around ASP.NET Core and other frameworks. ● Expert tips for debugging and deploying ASP.NET Core projects. ● Create UI applications with Razor and service APIs. ● Workaround middleware and filters for programming the ASP.NET Core pipeline. ● Create asynchronous programming code and configure dependency injection services. WHO THIS BOOK IS FOR If you're interested in building cross-platform, web, and cloud-native apps, you must learn ASP.NET Core and start building your programs. Readers should have basic knowledge of HTML and C#. TABLE OF CONTENTS 1. Introduction to ASP.NET Core 2. Setting Up the Development Environment 3. Running, Debugging, and Deploying ASP.NET Core Applications 4. Introduction to HTTP, HTML, CSS, and JavaScript 5. Developing ASP.NET Core web applications with Razor 6. Developing Restful services with ASP.NET Core 7. Async/await pattern and middleware in ASP.NET Core 8. Dependency injection and action filters in ASP.NET Core 9. State Management in ASP.NET Core 10. Introducing Accessing Data with ASP.NET Core 11. Optimizing ASP.NET Core Applications 12. Securing ASP.NET Core Applications 13. Introducing Software Architectures 14. Landing a job