NodeSecure / js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
★256 · Updated last week
Alternatives and similar repositories for js-x-ray
Users that are interested in js-x-ray are comparing it to the libraries listed below
- Mitigate security concerns of Dependency Confusion supply chain security risks ★49 · Updated 3 months ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications. ★416 · Updated 10 months ago
- ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine! ★35 · Updated this week
- Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB). ★30 · Updated last week
- Normalized repository URLs for every package in the npm registry. Updated daily. ★89 · Updated this week
- Find security vulnerabilities in open source npm packages while you code ★210 · Updated 3 years ago
- NodeJS runtime protection for supply chain attacks ★141 · Updated 3 years ago
- JavaScript security CLI that allows you to deeply analyze the dependency tree of a given package or local Node.js project. ★379 · Updated this week
- A list of all the public package names on npm. Updated daily. ★279 · Updated this week
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration ★302 · Updated last week
- Hands-on practical use of HTTP security headers as browser security controls to help secure web applications ★18 · Updated 2 years ago
- Detect vulnerable regexes in your project. REDOS, catastrophic backtracking. ★336 · Updated 3 years ago
- Easy auditing & sandboxing for your JavaScript dependencies 🪱 ★253 · Updated 2 years ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ★129 · Updated last month
- Overlay is a browser extension helping developers evaluate open source packages before picking them ★226 · Updated 3 months ago
- ★145 · Updated 2 years ago
- A zoo for malicious NPM packages ★20 · Updated 2 years ago
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks ★59 · Updated 3 years ago
- Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code. ★331 · Updated last year
- Dependency Combobulator ★93 · Updated last year
- Use Snow to finally secure your web app's same origin realms! ★115 · Updated 6 months ago
- Collection of security best practices for package managers. ★164 · Updated 3 years ago
- Generic SAST Library ★132 · Updated 3 months ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration. ★61 · Updated 4 months ago
- A pattern for reasonably secure Electron applications ★73 · Updated 2 years ago
- A comprehensive list of software composition analysis tools. ★156 · Updated last year
- Test Case Generator Based on Branch Coverage and Fuzzing ★36 · Updated last year
- A web client port-scanner written in GO, that supports the WASM/WASI interface for Browser WebAssembly runtime execution. ★155 · Updated 2 years ago
- Snyk Node Runtime Agent ★16 · Updated 3 years ago
- Public disclosure channel for security vulnerabilities ★18 · Updated 3 months ago