This is a simple API used to demonstrate common API security vulnerabilities in ASP.NET Core.
Vulnerabilities include:
- SQL Injection
- Bad XML Deserialization (XXE)
- Over-posting
- Broken authorization
- Path traversal
- DDoS (Rate limiting)

It also includes some common mitigations for these vulnerabilities.
If you have .NET 9 installed, you can clone the repository and run all the examples on your machine.
Otherwise, the easiest way to run the samples is in a GitHub Codespace.