Essential Downloads

Download tools, utilities, and samples that will help you understand and implement security in your own applications.

BinScope
BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations.
MiniFuzz
MiniFuzz is a very simple fuzzer designed to ease adoption of fuzz testing by non-security people who are unfamiliar with file fuzzing tools or have never used them in their current software development processes.
 
Geneva Beta 2 Download
Microsoft code name "Geneva", an open platform for simplified user access based on claims. This release consists of three components: Geneva Framework for .NET developers, Geneva Server for IT Pros, and Windows CardSpace Geneva for users.		Microsoft SDL Process Template for VSTS
As part of the design phase of the SDL, threat modeling allows software architects to identify and mitigate potential security issues early, when they are relatively easy and cost-effective to resolve. Therefore, it helps reduce the Total Cost of Development.
 
FxCop
FxCop is an application that analyzes managed code assemblies (code that targets the .NET Framework common language runtime) and reports information about the assemblies, such as possible design, localization, performance, and security improvements.		Security Awareness Program Tool Kit and Guide
This kit was created to provide guidance, samples, and templates for creating a security awareness program.

Code Gallery Security Samples RSS Feed

Programming Elevated Privilege/UAC
Providing WPF and Windows Forms sample application to demonstrate how to programming elevated privilege/UAC.
Token Authentication for ASP.NET
This is a class library that adds another layer of security on top of the authentication mechanism in ASP.NET. It allows you to configure certain reso... more
Securing the .NET Service Bus
Securing the .NET Service Bus
NativeObjectSecurity Code Snippet
An example of how to manipulate custom native object security descriptors from .NET.
Windows Mobile Webcast - Windows Mobile Device Security
Security is an important topic for Windows Mobile Application Developers. Depending on the security configuration of particular devices, applications... more

Security Projects from CodePlex RSS Feed

NextGenRNG
Random Number Generators for .Net written in C#Regular use: * MersenneTwister3 CNG Cryptographically secure RNG: * CTR_DRBG... more
Connected Information Security Framework
The intent of this framework is to provide building blocks in terms of loosely coupled reusable application modules for developing various connected a... more
SharePoint Security Templates
Apply an xml-template to a site to set up permissions for the site and its lists and items.A typical scenario would be to use different security setup... more
Thinktecture.IdentityModel
Add-on library for the Windows Identity Foundation (WIF).
harmony.net
Mit dem harmony.net Framwork soll eine Umfangreiche .NET Bibliothek entstehen mit der es möglich sein soll immer wiederkehrende Aufgaben einfach... more

SDL Tools and Utilities RSS Feed

Code Analysis Tool .NET (CAT.NET) v1 CTP
CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack v... more
Banned.h
The banned.h header file is a sanitizing resource which supports the SDL requirement to remove banned functions from a code. It lists all banned APIs... more
Anti-Cross Site Scripting (Anti-XSS) v3 BETA
Anti-XSS v3 BETA package contains the Anti-XSS .NET library which is specifically designed to help mitigate the potential of Cross-Site Scripting (XSS... more

More SDL Tools and Utilities >

Related Tools and Utilities

Related Security Code Samples
Page view tracker