You may use Code Analyzer that is available with Visual Studio.
https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/overview
Code quality analysis ("CAxxxx") rules inspect your C# or Visual Basic code for security, performance, design and other issues. Analysis is enabled, by default, for projects that target .NET 5.0 or later. You can enable code analysis on projects that target earlier .NET versions by setting the EnableNETAnalyzers property to true.
See the below rule that will help you to work against SQL Injection vulnerability
https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca3001