OWASP (The Open Source Web Application Security Project) has a couple of projects online focused on ASP.NET security issues. Current projects include ANBS (ASP.NET Baseline Security), SAM'SHE (Security Analyzer for Microsoft's Shared Hosting Environments), ANSA (ASP.NET Security Analyzer) as well as the ASP.NET Security Guidelines for designing and deploying secure Web applications using ASP.NET (applicable to IIS 5 & 6).
OWASP .NET Projects Homepage