JacksonGL / NPM-Vuln-PoCLinks
Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
☆42Updated last year
Alternatives and similar repositories for NPM-Vuln-PoC
Users that are interested in NPM-Vuln-PoC are comparing it to the libraries listed below
Sorting:
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆50Updated 4 years ago
- A zoo for malicious NPM packages☆20Updated 2 years ago
- ☆16Updated 7 years ago
- A Node.js vulnerability finding tool.☆96Updated 2 months ago
- A Chrome extension static analysis tool to help aide in security reviews.☆157Updated 2 years ago
- Generic SAST Library☆132Updated 4 months ago
- ☆79Updated 13 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35Updated 6 years ago
- Externalize Java application access to protected resources as log messages.☆43Updated this week
- Cure53 Browser Security White Paper☆299Updated 7 years ago
- Popcorn - the JSON fuzzer☆22Updated 11 years ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆30Updated 6 years ago
- XSS in pastebin.com and reddit.com via unsanitized markdown output☆89Updated 7 years ago
- ☆71Updated 7 years ago
- Tools to gather subdomains from Bug Bounty programs☆65Updated 7 years ago
- Scripts and auxiliary files for fuzzing PHP's unserialize function☆45Updated 8 years ago
- Automatically exported from code.google.com/p/mustache-security☆23Updated 10 years ago
- An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …☆31Updated 4 years ago
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.☆104Updated 6 years ago
- Another web fuzzer written in NodeJS☆59Updated 7 years ago
- Nodejs application intentionally vulnerable to SSRF☆42Updated 2 years ago
- Security Payload Unit Test Repository (SPUTR)☆86Updated 2 years ago
- A regular expression fuzzer.☆45Updated 7 years ago
- AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.☆56Updated 3 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆153Updated last year
- A dashboard for interesting DOM tricks/techniques.☆35Updated 4 years ago
- A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a la…☆141Updated last year
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Updated 3 years ago
- Tainted PhantomJS☆52Updated 10 years ago
- A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-con…☆58Updated 7 years ago