HackerSpray 1.2.5

.NET Framework
Install-Package HackerSpray -Version 1.2.5
dotnet add package HackerSpray --version 1.2.5
<PackageReference Include="HackerSpray" Version="1.2.5">
  <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add HackerSpray --version 1.2.5
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: HackerSpray, 1.2.5"
#r directive can be used in F# Interactive, C# scripting and .NET Interactive. Copy this into the interactive tool or source code of the script to reference the package.
// Install HackerSpray as a Cake Addin
#addin nuget:?package=HackerSpray&version=1.2.5

// Install HackerSpray as a Cake Tool
#tool nuget:?package=HackerSpray&version=1.2.5
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

A .NET 4 library to defend websites and web APIs against brute force and Denial-of-service attacks.

.NET Core version also available.


* Protect login, registration, password reset pages against brute force and DOS attacks.
* Block users from performing any action too many times.
* Prevent too many hits from any IP or IP Range.
* Blacklist/Whitelist specific IP, IP range, username, URLs, transactions for a period.

An example scenario is a Bank Login page, where brute force password attempts on user accounts and DOS attack on Login page are a regular event.
Using this library, you can protect login page from brute force attacks, blocking too many usernames from certain IPs,
or too many hits from a range of IP trying to do DOS attack,
or even simple 3 invalid login attempts per username, per 15 mins.

This high performance, very lightweight library protects you from hitting the database too many times on pages and APIs that are prone to attacks, thus lowering web server and database CPU, increasing the scalability of the overall application.

Example code:

var result = await Hacker.DefendAsync("/Account/LogOn", Request.UserHostAddress);
if (result == Hacker.Result.TooManyHitsFromOrigin)
   await Hacker.BlacklistOriginAsync(Request.UserHostAddress, TimeSpan.FromMinutes(10));
else if (result == Hacker.Result.TooManyHitsOnKey)
   await Hacker.BlacklistKeyAsync("/Account/LogOn", TimeSpan.FromMinutes(10));

Hacker.DefendAsync("/Account/PasswordReset", Request.UserHostAddress, TimeSpan.FromMinutes(5), 100);
Hacker.DefendAsync("Username" + username, Request.UserHostAddress);
Hacker.DefendAsync("Comment", Request.UserHostAddress);

Product Versions
.NET Framework net
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.2.5 1,602 7/11/2016
1.2.0 761 6/18/2016
1.1.0 736 6/18/2016
1.0.1 751 6/18/2016
1.0.0 733 6/18/2016