SAP-archive / node-rasp
An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such as SQL and NoSQL injection as well as path traversal attacks.
☆31Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for node-rasp
- Generic SAST Library☆124Updated last week
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]☆42Updated 4 months ago
- A Chrome extension static analysis tool to help aide in security reviews.☆147Updated last year
- ☆18Updated 5 years ago
- Externalize Java application access to protected resources as log messages.☆41Updated 5 months ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆31Updated 5 years ago
- Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale☆17Updated 3 years ago
- ☆122Updated 3 years ago
- Tainted PhantomJS☆53Updated 9 years ago
- A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.☆33Updated 8 years ago
- Deprecated: Please visit https://github.com/github/codeql instead.☆81Updated 2 years ago
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆36Updated 5 years ago
- CapFuzz - capture, fuzz & intercept web traffic.☆63Updated 5 years ago
- A web page based fuzzer that generates random JS statements then fuzz in the web-browser.☆58Updated 5 years ago
- Peach Pit for HTTP/2 Targeting Microsoft Edge☆65Updated 7 years ago
- Static DOM XSS Scanner is a Static Analysis tool written in python that will iterate through all the JavaScript and HTML files under the …☆119Updated 9 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆49Updated 6 years ago
- softScheck Cloud Fuzzing Framework☆57Updated 6 years ago
- Result files from various fuzzing runs☆16Updated 3 years ago
- ☆70Updated 6 years ago
- ☆46Updated 6 years ago
- A Java serializer in JavaScript☆82Updated 6 years ago
- Materials from Fuzzing Bay Area meetups☆56Updated 4 years ago
- Dockerfile for AFL++ and helpful other tools☆21Updated 4 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆136Updated 4 years ago
- A collection of Browser DOM Vulnerabilities with PoCs☆39Updated 5 years ago
- JavaScript Static Code Analysis☆25Updated 9 years ago
- protocol fuzzing toolkit☆125Updated 5 years ago
- Network and USB protocol fuzzing toolkit.☆65Updated 6 years ago