NodeSecure / js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
☆231 Updated 2 weeks ago
Alternatives and similar repositories for js-x-ray:
Users that are interested in js-x-ray are comparing it to the libraries listed below
- Mitigate security concerns of Dependency Confusion supply chain security risks ☆46 Updated 2 years ago
- ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine! ☆31 Updated this week
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications. ☆388 Updated 3 months ago
- JavaScript security CLI that allows you to deeply analyze the dependency tree of a given package or local Node.js project. ☆367 Updated this week
- Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB). ☆30 Updated 3 weeks ago
- Normalized repository URLs for every package in the npm registry. Updated daily. ☆80 Updated this week
- TC39 proposal for mitigating prototype pollution ☆46 Updated last year
- A Node.js vulnerability finding tool. ☆95 Updated 4 years ago
- Detect vulnerable regexes in your project. REDOS, catastrophic backtracking. ☆320 Updated 3 years ago
- A zoo for malicious NPM packages ☆20 Updated 2 years ago
- Generic SAST Library ☆127 Updated 3 months ago
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research] ☆44 Updated 7 months ago
- Easy auditing & sandboxing for your JavaScript dependencies 🪱 ☆253 Updated last year
- Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code. ☆325 Updated 5 months ago
- A curated list of awesome browser security learning material. ☆139 Updated 2 years ago
- NodeJS runtime protection for supply chain attacks ☆141 Updated 2 years ago
- Secure DOM trees isolation and encapsulation leveraging ShadowDOM ☆28 Updated this week
- Script to audit GitHub Action Workflow files for potential vulnerabilities. ☆153 Updated 5 months ago
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages ☆50 Updated 3 years ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration ☆291 Updated this week
- A list of all the public package names on npm. Updated daily. ☆256 Updated this week
- Security advisories for Node.js and the JavaScript ecosystem. ☆41 Updated 3 years ago
- Find security vulnerabilities in open source npm packages while you code ☆205 Updated 2 years ago
- Collection of security best practices for package managers. ☆162 Updated 2 years ago
- Scans your Github Actions for security issues ☆57 Updated this week
- ☆180 Updated 3 months ago
- Write acceptance tests easily for your CLI program. ☆21 Updated last year
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA) ☆56 Updated 10 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ☆105 Updated this week
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆101 Updated 3 weeks ago