SAP-archive / node-rasp
An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such as SQL and NoSQL injection as well as path traversal attacks.
☆31Updated 3 years ago
Alternatives and similar repositories for node-rasp:
Users that are interested in node-rasp are comparing it to the libraries listed below
- A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.☆33Updated 8 years ago
- Generic SAST Library☆126Updated 2 months ago
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]☆43Updated 6 months ago
- ☆70Updated 7 years ago
- Tainted PhantomJS☆53Updated 9 years ago
- CapFuzz - capture, fuzz & intercept web traffic.☆64Updated 5 years ago
- PIOF - PHP Instrumentation Open Framework - A dynamic and modular instrumentation framework for PHP language.☆9Updated 5 years ago
- Jaqen - Simple DNS rebinding☆71Updated 6 years ago
- Deprecated: Please visit https://github.com/github/codeql instead.☆81Updated 2 years ago
- ☆79Updated 12 years ago
- Burp Suite extension for JAX-RS☆65Updated 7 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆121Updated 7 years ago
- Static DOM XSS Scanner is a Static Analysis tool written in python that will iterate through all the JavaScript and HTML files under the …☆119Updated 9 years ago
- ☆84Updated 7 years ago
- A Chrome extension static analysis tool to help aide in security reviews.☆150Updated last year
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆49Updated 7 years ago
- A Java serializer in JavaScript☆82Updated 6 years ago
- Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale☆17Updated 3 years ago
- JWT fuzzer☆104Updated 6 years ago
- ☆46Updated 8 years ago
- Fuzz testing: Beginner's guide☆76Updated 8 months ago
- Exploit PoC for Spring RCE issue (CVE-2011-2894)☆42Updated last year
- Web Input Vector Extractor Teaser☆131Updated 3 years ago
- ☆16Updated 6 years ago
- DupeKeyInjector☆135Updated 2 years ago
- Proof-of-concept CORS exploitation tool.☆34Updated 5 years ago
- ☆33Updated 3 years ago
- Externalize Java application access to protected resources as log messages.☆41Updated 8 months ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆34Updated 8 years ago
- HTML5 WebSocket message fuzzer☆144Updated 6 years ago