Checkmarx / JS-SCP

Related projects: ⓘ

• google / node-sec-roadmap
  Some thoughts on how Node.js might respond to a changing security environment
  ☆172Updated 5 years ago
• Greenwolf / eslint-security-scanner-configs
  eslintrc.js config files for running static analysis on JavaScript to identify security issues.
  ☆62Updated 4 years ago
• wahengchang / nodejs-security-must-know
  It is a note about security on nodejs
  ☆47Updated 6 years ago
• OWASP / AppSec-Browser-Bundle
  The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…
  ☆92Updated 10 years ago
• lirantal / essential-nodejs-security-book
  Documentation for Essential Node.js Security
  ☆94Updated last year
• JacksonGL / NPM-Vuln-PoC
  Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
  ☆41Updated 2 months ago
• spaceraccoon / npm-scan
  An extensible, heuristic-based vulnerability scanning tool for installed npm packages
  ☆49Updated 3 years ago
• cure53 / public-pentesting-reports
  Curated list of public penetration testing reports released by several consulting firms
  ☆45Updated 6 years ago
• sqreen / SPAudit
  ☆39Updated last year
• we45 / DVFaaS-Damn-Vulnerable-Functions-as-a-Service
  Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
  ☆135Updated last year
• HoLyVieR / prototype-pollution-nsec18
  Content released at NorthSec 2018 for my talk on prototype pollution
  ☆513Updated 3 months ago
• GoSecure / csp-auditor
  Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
  ☆135Updated 4 years ago
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆60Updated last year
• sola-da / ReDoS-vulnerabilities
  A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-con…
  ☆58Updated 6 years ago
• amolnaik4 / bodhi
  Bodhi - Client-side Vulnerability Playground
  ☆117Updated 3 years ago
• sawzeeyy / Sanitiz3r
  A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status
  ☆89Updated 3 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 8 years ago
• righettod / poc-graphql
  Research on GraphQL from an AppSec point of view.
  ☆405Updated last year
• xiaofen9 / Lynx
  A Node.js vulnerability finding tool.
  ☆95Updated 3 years ago
• PacktPublishing / Mastering-Modern-Web-Penetration-Testing
  Code repository for Mastering Modern Web Penetration Testing, published by Packt
  ☆73Updated last year
• wisec / DOMinator
  ☆78Updated 11 years ago
• cweb / unicode-security-guide
  Unicode Security Guide
  ☆121Updated 6 years ago
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆200Updated 2 weeks ago
• LewisArdern / ConferenceTalks
  ☆35Updated 2 years ago
• cure53 / mustache-security
  Automatically exported from code.google.com/p/mustache-security
  ☆23Updated 9 years ago
• exploitprotocol / app-sec-wiki
  Files for appsecwiki.com
  ☆113Updated 4 years ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated last year
• Santandersecurityresearch / DrHeader
  drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
  ☆105Updated this week
• oshp / headers
  An application to catch, search and analyze HTTP secure headers.
  ☆64Updated 3 years ago
• websecurify / acme-no-login
  Demonstrates a login bypass attack against a sample MongoDB/NodeJS application
  ☆38Updated 5 years ago