Audit.NET is a Visual Studio extension that highlights NuGet package dependencies with security vulnerabilities. Audit.NET relies on the free package and vulnerability database "OSS Index." OSS Index provides open source tools and data for a variety of languages and package managers. Vulnerabilities are drawn from the National Vulnerability Database, a variety of Security Feeds, and community contributions. Audit.NET scans your dependencies on project load, when new dependencies are added, or when prompted. Vulnerabilities will appear in the Error List, and pertinent lines will be underlined in the packages.config files. See GitHub for installation and usage instructions: https://github.com/OSSIndex/audit.net
|
