HackerSpray 1.2.5

dotnet add package HackerSpray --version 1.2.5
NuGet\Install-Package HackerSpray -Version 1.2.5
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="HackerSpray" Version="1.2.5">
  <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add HackerSpray --version 1.2.5
#r "nuget: HackerSpray, 1.2.5"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install HackerSpray as a Cake Addin
#addin nuget:?package=HackerSpray&version=1.2.5

// Install HackerSpray as a Cake Tool
#tool nuget:?package=HackerSpray&version=1.2.5

A .NET 4 library to defend websites and web APIs against brute force and Denial-of-service attacks.

.NET Core version also available.


* Protect login, registration, password reset pages against brute force and DOS attacks.
* Block users from performing any action too many times.
* Prevent too many hits from any IP or IP Range.
* Blacklist/Whitelist specific IP, IP range, username, URLs, transactions for a period.

An example scenario is a Bank Login page, where brute force password attempts on user accounts and DOS attack on Login page are a regular event.
Using this library, you can protect login page from brute force attacks, blocking too many usernames from certain IPs,
or too many hits from a range of IP trying to do DOS attack,
or even simple 3 invalid login attempts per username, per 15 mins.

This high performance, very lightweight library protects you from hitting the database too many times on pages and APIs that are prone to attacks, thus lowering web server and database CPU, increasing the scalability of the overall application.

Example code:

var result = await Hacker.DefendAsync("/Account/LogOn", Request.UserHostAddress);
if (result == Hacker.Result.TooManyHitsFromOrigin)
   await Hacker.BlacklistOriginAsync(Request.UserHostAddress, TimeSpan.FromMinutes(10));
else if (result == Hacker.Result.TooManyHitsOnKey)
   await Hacker.BlacklistKeyAsync("/Account/LogOn", TimeSpan.FromMinutes(10));

Hacker.DefendAsync("/Account/PasswordReset", Request.UserHostAddress, TimeSpan.FromMinutes(5), 100);
Hacker.DefendAsync("Username" + username, Request.UserHostAddress);
Hacker.DefendAsync("Comment", Request.UserHostAddress);

Product Compatible and additional computed target framework versions.
.NET Framework net is compatible. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.2.5 3,005 7/11/2016
1.2.0 1,908 6/18/2016
1.1.0 1,946 6/18/2016
1.0.1 1,938 6/18/2016
1.0.0 1,888 6/18/2016