SoheilKhodayari/JAW external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SoheilKhodayari/JAW

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SoheilKhodayari/JAW)

Close

SoheilKhodayari / JAWView on GitHubMore

• External links
• Readme badge

JAW: A Graph-based Security Analysis Framework for Client-side JavaScript

☆117Feb 13, 2026Updated 3 months ago

Alternatives and similar repositories for JAW

Users that are interested in JAW are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SoheilKhodayari / TheThing

  View on GitHub
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆57Oct 25, 2023Updated 2 years ago
• SoheilKhodayari / DOMClobbering

  View on GitHub
  DOM Clobbering Wiki, Browser Testing, and Payload Generation
  ☆61Dec 18, 2025Updated 5 months ago
• testable-eu / sast-testability-patterns

  View on GitHub
  Testability Pattern Catalogs for SAST
  ☆35Feb 18, 2025Updated last year
• pixelindigo / yurascanner

  View on GitHub
  YuraScanner
  ☆79Feb 13, 2025Updated last year
• fast-sp-2023 / fast

  View on GitHub
  ☆31May 1, 2025Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• testable-eu / sast-tp-framework

  View on GitHub
  TP-Framework: Testability Pattern Framework for SAST
  ☆16May 10, 2024Updated 2 years ago
• flyboss / MiniTracker

  View on GitHub
  MiniTracker: Large-Scale Sensitive Information Tracking in Mini Apps.
  ☆30Dec 2, 2024Updated last year
• BEESLab / Arcanum

  View on GitHub
  Artifacts of the paper "Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content" in USENIX…
  ☆18Aug 9, 2024Updated last year
• Aurore54F / DoubleX

  View on GitHub
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆81Nov 23, 2021Updated 4 years ago
• Song-Li / ObjLupAnsys

  View on GitHub
  ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…
  ☆25Nov 30, 2021Updated 4 years ago
• mariussteffens / pmforce

  View on GitHub
  Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale
  ☆18May 17, 2021Updated 5 years ago
• OSUSecLab / TaintMini

  View on GitHub
  Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
  ☆80Mar 19, 2024Updated 2 years ago
• pruzko / hakuin

  View on GitHub
  A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.
  ☆140Jun 7, 2025Updated 11 months ago
• SoheilKhodayari / Basta-COSI

  View on GitHub
  A framework for the detection of COSI vulnerabilities / XS-Leaks
  ☆14Mar 29, 2023Updated 3 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• therahulkanyal / PanoptiChrome

  View on GitHub
  Discovered Data and Source Code
  ☆10May 5, 2025Updated last year
• yo-yo-yo-jbo / android_webview_security

  View on GitHub
  Android webviews and securiy
  ☆24Sep 18, 2025Updated 8 months ago
• SWAT-project / SWAT

  View on GitHub
  SWAT, a dynamic symbolic execution engine for Java Applications that uses ASM for on-the-fly byte code instrumentation.
  ☆45Apr 13, 2026Updated last month
• KTH-LangSec / silent-spring

  View on GitHub
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆74Jan 21, 2024Updated 2 years ago
• bribes / awesome-msrc-writeups

  View on GitHub
  🐛 A list of writeups from the MSRC (Microsoft) Bug Bounty program
  ☆35Oct 29, 2025Updated 6 months ago
• Haiyang-Sun / nodeprof.js

  View on GitHub
  Instrumentation framework for Node.js compliant to ECMAScript 2020 based on GraalVM.
  ☆60Jan 18, 2025Updated last year
• Song-Li / ODGen

  View on GitHub
  ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.
  ☆168Jan 29, 2024Updated 2 years ago
• kee1ongz / MiniCAT

  View on GitHub
  Mini-program Cross Page Request Forgery (MiniCPRF) Analysis Tool.
  ☆18Oct 30, 2024Updated last year
• Aurore54F / JStap

  View on GitHub
  Modular static malicious JavaScript detection system
  ☆75Jan 18, 2021Updated 5 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• beishanxueyuan / BChecks

  View on GitHub
  burp suite插件
  ☆13Jul 9, 2023Updated 2 years ago
• google / protobuf-extensibility-for-burp

  View on GitHub
  ☆93Jun 21, 2024Updated last year
• francisconeves97 / jxscout-caido

  View on GitHub
  Caido plugin for jxscout
  ☆15May 11, 2026Updated last week
• wala / JS_WALA

  View on GitHub
  WALA analyses and tools that are implemented in JavaScript
  ☆81Oct 25, 2016Updated 9 years ago
• dibollinger / CookieBlock-Consent-Crawler

  View on GitHub
  Webcrawler to collect cookie data and usage purposes, built using OpenWPM.
  ☆13Jun 3, 2023Updated 2 years ago
• Philesiv / XSLeaker

  View on GitHub
  Searcher for cross-site leaks (XS-Leaks)
  ☆83Dec 27, 2022Updated 3 years ago
• AiGptCode / Rapid-Url

  View on GitHub
  retrieve comprehensive information about a website, including its title, last modified date, DNS information, subdomains, firewall names,…
  ☆16Mar 24, 2024Updated 2 years ago
• SAP-archive / node-rasp

  View on GitHub
  An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …
  ☆31May 7, 2021Updated 5 years ago
• secure-software-engineering / secucheck

  View on GitHub
  Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…
  ☆18Jan 30, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• wspr-ncsu / FV8

  View on GitHub
  ☆12Jul 9, 2024Updated last year
• detectify / Varnish-H2-Request-Smuggling

  View on GitHub
  ☆56Aug 26, 2021Updated 4 years ago
• WaterfallEngineering / reanimator

  View on GitHub
  Capture and replay execution traces of client-side web applications
  ☆28May 31, 2013Updated 12 years ago
• Aurore54F / static-pdg-js

  View on GitHub
  Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis
  ☆29Feb 26, 2022Updated 4 years ago
• Moopinger / CLZero

  View on GitHub
  A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
  ☆91Feb 3, 2024Updated 2 years ago
• novafacing / libc-fuzzer

  View on GitHub
  A fuzzer setup to fuzz libc functions.
  ☆16Aug 30, 2022Updated 3 years ago
• ElectrovoltSec / HackBench

  View on GitHub
  How effective are LLMs in identifying and exploiting security vulnerabilities?
  ☆70Feb 28, 2025Updated last year