I was recently introduced to Microsoft's tool that analyzes managed code assemblies called FxCop. It points out possible design, localization, performance and security improvements against a pre-defined set of rules (and also accepts custom rules). At first I was unsure how to go about using it, as it seems to be aimed at Windows developers (.exe and .dll). It’s easy to check an asp.net web site
1)Create a new folder (i.e C:\Code Analysis)
2)Publish your web application into the new folder
3)Open FxCop and add all the dll files from the newly created bin folder to be scrutinized.
Lots more info / docs available here on msdn and you can also download fxcop free
I know you will all point out how this is old news... but why didn't anyone tell me? It is not mentioned in any of the study materials I've been using for the last 18 months!