Are there any thoroughly tested .NET libraries out there to sanitize input from things like script/sql injection?
I like to use the Microsoft AntiXSS library. It's free and pretty easy to use.
For SQL injection, I always use parameters. Again, they are easy to use and I don't like trying to escape special characters. It's a recipe for disaster if you ask me.