ajinabraham / njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
☆393Updated 4 months ago
Alternatives and similar repositories for njsscan:
Users that are interested in njsscan are comparing it to the libraries listed below
- JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.☆238Updated 2 weeks ago
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆528Updated 2 years ago
- nodejsscan is a static security code scanner for Node.js applications.☆2,446Updated 3 weeks ago
- Generic SAST Library☆130Updated 4 months ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆148Updated 4 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆836Updated last year
- A Broken Application - Very Vulnerable!☆148Updated this week
- Security Auditor Utility for GraphQL APIs☆436Updated last month
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆392Updated 7 years ago
- A comprehensive list of software composition analysis tools.☆141Updated 9 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆470Updated last year
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,601Updated last week
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆461Updated 7 months ago
- A Node.js vulnerability finding tool.☆96Updated 4 years ago
- The Secure Coding Framework☆269Updated 4 years ago
- Damn Vulnerable NodeJS Application☆720Updated last year
- A starter secure code review checklist☆182Updated 6 years ago
- Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.☆321Updated 3 years ago
- The OWASP Secure Headers Project☆153Updated last week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆880Updated this week
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆381Updated 2 years ago
- Audits an NPM package.json file to identify known vulnerabilities.☆227Updated 4 months ago
- DOM XSS scanner for Single Page Applications☆403Updated 8 months ago
- ☆184Updated 4 months ago
- OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws☆324Updated 7 months ago
- This repository contains payload to test NoSQL Injections☆356Updated 3 years ago
- Finding potential software vulnerabilities from git commit messages☆409Updated last year
- Check any website (or set of websites) for insecure security headers.☆247Updated last year
- Mitigate security concerns of Dependency Confusion supply chain security risks☆46Updated 2 years ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆66Updated 9 months ago