NodeSecure / js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
☆238 Updated 3 weeks ago
Alternatives and similar repositories for js-x-ray:
Users that are interested in js-x-ray are comparing it to the libraries listed below
- ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine! ☆32 Updated 3 weeks ago
- Mitigate security concerns of Dependency Confusion supply chain security risks ☆46 Updated 2 years ago
- NodeJS runtime protection for supply chain attacks ☆141 Updated 2 years ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications. ☆393 Updated 4 months ago
- Easy auditing & sandboxing for your JavaScript dependencies 🪱 ☆253 Updated 2 years ago
- Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB). ☆30 Updated 3 weeks ago
- A zoo for malicious NPM packages ☆20 Updated 2 years ago
- Detect vulnerable regexes in your project. REDOS, catastrophic backtracking. ☆321 Updated 3 years ago
- Coverage-guided, in-process fuzzing for Node.js ☆298 Updated 9 months ago
- Collection of security best practices for package managers. ☆162 Updated 2 years ago
- A Node.js vulnerability finding tool. ☆96 Updated 4 years ago
- Snyk Node Runtime Agent ☆16 Updated 2 years ago
- Custom ESLint rule to disallow unsafe innerHTML, outerHTML, insertAdjacentHTML and alike ☆235 Updated 4 months ago
- Find security vulnerabilities in open source npm packages while you code ☆205 Updated 2 years ago
- TC39 proposal for mitigating prototype pollution ☆46 Updated last year
- Manager of third-party sources of Semgrep rules ☆81 Updated 8 months ago
- Normalized repository URLs for every package in the npm registry. Updated daily. ☆82 Updated this week
- Dependency Combobulator ☆93 Updated last year
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages ☆50 Updated 3 years ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration. ☆56 Updated 6 months ago
- Use Snow to finally secure your web app's same origin realms! ☆108 Updated this week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ☆112 Updated 3 weeks ago
- ESLint security plugin for Node.js ☆103 Updated last year
- Generic SAST Library ☆130 Updated 4 months ago
- ESLint plugin to detect and stop Trojan Source attacks ☆76 Updated 2 years ago
- Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects. ☆82 Updated last week
- Overlay is a browser extension helping developers evaluate open source packages before picking them ☆224 Updated last year
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research] ☆44 Updated 9 months ago
- An extension to use Semgrep inside Burp Suite. ☆88 Updated last year
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration ☆293 Updated this week