Checkmarx / JS-SCP
JavaScript Secure Coding Practices guide
☆176Updated 3 years ago
Related projects: ⓘ
- Some thoughts on how Node.js might respond to a changing security environment☆172Updated 5 years ago
- eslintrc.js config files for running static analysis on JavaScript to identify security issues.☆62Updated 4 years ago
- It is a note about security on nodejs☆47Updated 6 years ago
- The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…☆92Updated 10 years ago
- Documentation for Essential Node.js Security☆94Updated last year
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]☆41Updated 2 months ago
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆49Updated 3 years ago
- Curated list of public penetration testing reports released by several consulting firms☆45Updated 6 years ago
- ☆39Updated last year
- Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities☆135Updated last year
- Content released at NorthSec 2018 for my talk on prototype pollution☆513Updated 3 months ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆135Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆60Updated last year
- A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-con…☆58Updated 6 years ago
- Bodhi - Client-side Vulnerability Playground☆117Updated 3 years ago
- A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status☆89Updated 3 years ago
- OWASP Testing Guide☆110Updated 8 years ago
- Research on GraphQL from an AppSec point of view.☆405Updated last year
- A Node.js vulnerability finding tool.☆95Updated 3 years ago
- Code repository for Mastering Modern Web Penetration Testing, published by Packt☆73Updated last year
- ☆78Updated 11 years ago
- Unicode Security Guide☆121Updated 6 years ago
- The help files for the ZAP core☆200Updated 2 weeks ago
- ☆35Updated 2 years ago
- Automatically exported from code.google.com/p/mustache-security☆23Updated 9 years ago
- Files for appsecwiki.com☆113Updated 4 years ago
- Security Payload Unit Test Repository (SPUTR)☆86Updated last year
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆105Updated this week
- An application to catch, search and analyze HTTP secure headers.☆64Updated 3 years ago
- Demonstrates a login bypass attack against a sample MongoDB/NodeJS application☆38Updated 5 years ago