In this chapter, we will cover the following recipes:
- Identifying configuration-related security vulnerabilities in web applications
- Identifying cross-site scripting vulnerabilities in view markup files (.cshtml, .aspx files) in web applications
- Identifying insecure method calls that can lead to SQL and LDAP injection attacks
- Identifying weak password protection and management in web applications
- Identifying weak validation of data from external components to prevent attacks such as cross-site request forgery and path tampering
- Identifying performance improvements to source code using FxCop analyzers
