NodeSecure / js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
★237, updated this week
Alternatives and similar repositories for js-x-ray:
Users that are interested in js-x-ray are comparing it to the libraries listed below
- Mitigate security concerns of Dependency Confusion supply chain security risks (★46, updated 2 years ago)
- ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine! (★31, updated this week)
- JavaScript security CLI that allows you to deeply analyze the dependency tree of a given package or local Node.js project. (★367, updated this week)
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications. (★390, updated 3 months ago)
- A curated list of awesome browser security learning material. (★139, updated 2 years ago)
- TC39 proposal for mitigating prototype pollution (★46, updated last year)
- Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB). (★30, updated last week)
- Normalized repository URLs for every package in the npm registry. Updated daily. (★80, updated this week)
- DOM XSS scanner for Single Page Applications (★402, updated 7 months ago)
- Easy auditing & sandboxing for your JavaScript dependencies 🪱 (★253, updated last year)
- A Node.js vulnerability finding tool. (★96, updated 4 years ago)
- A curated list of awesome GraphQL Security frameworks, libraries, software and resources (★321, updated last year)
- Checks all maintainers of all npm and PyPI packages for hijackable packages through domain re-registration (★292, updated this week)
- Use Snow to finally secure your web app's same origin realms! (★108, updated 4 months ago)
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages (★50, updated 3 years ago)
- A web client port-scanner written in Go, that supports the WASM/WASI interface for Browser WebAssembly runtime execution. (★143, updated last year)
- Generic SAST Library (★130, updated 3 months ago)
- A zoo for malicious NPM packages (★20, updated 2 years ago)
- Snyk Node Runtime Agent (★16, updated 2 years ago)
- NodeJS runtime protection for supply chain attacks (★141, updated 2 years ago)
- (★143, updated 2 years ago)
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan. (★167, updated last month)
- Collection of security best practices for package managers. (★162, updated 2 years ago)
- Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code securi… (★76, updated 6 months ago)
- Dependency Combobulator (★92, updated last year)
- An extension to use Semgrep inside Burp Suite. (★88, updated last year)
- Coverage-guided, in-process fuzzing for Node.js (★297, updated 9 months ago)
- get popular npm packages (★35, updated 9 months ago)
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities" (★201, updated 2 years ago)
- Manager of third-party sources of Semgrep rules (★79, updated 7 months ago)