With so many ways to attack a site, it would be useful if there is a single guide, or resource, listing all known vulnerabilities with possible preventative measures. Does anyone know of any?

Also, is there a library or framework that can deal with this kind of thing?

+1  A: 

Check the OWASP development guide at www.owasp.org. It's a bit dated (2005), but it has information on many security issues regarding web applications.

I'm not aware of any single library or framework for dealing with this. That really depends on what technology and application frameworks you are employing.

NYSystemsAnalyst
+4  A: 

ASP.NET does a good job of taking care of most security issues for you. Security is built into the framework. I would recommend reading some articles like these:

Search Google for variations on ASP.NET, security, tips, mistakes, best practices. Basically the top things to make sure you are taking care of are XSS, web.config, and SQL injection. You should also make sure you look for CSRF vulnerabilities.

amdfan
+1  A: 

There's a book that really covers the ground for ASP.NET well that I highly recommend. It's not comprehensive anymore because it is a couple years old and therefore doesn't cover newer stuff like IIS7, ASP.NET AJAX and so on. But I still recommend it because for all the basic stuff, it covers it really really well.

It's called Improving Web Application Security by Microsoft Press, ISBN 978-0735618428. The entire text is hosted on MSDN here.

Dead tree version and Ebook version also available.

Tim Farley