Your question is far to open to answer on a forum post but luckily this type of information is widely available.
The OWASP foundation tracks common web based vulnerabilities and is a good starting place to learn about the vulnerabilities and how to mitigate the vulnerabilities. OWASP also provides tools for checking applications vulnerabilities, proxy tools, etc.
ASP.NET Core 6 comes with several feature to mitigate vulnerabilities which can be found in the Security and Identity documentation. To list a few...
Prevent Cross-Site Scripting (XSS) in ASP.NET Core
Enable Cross-Origin Requests (CORS) in ASP.NET Core
DotNet Security Cheat Sheet
Please make an effort to educate yourself. If you have questions, feel free to ask but please be specific.