ajinabraham / njsscan

Related projects ⓘ

Alternatives and complementary repositories for njsscan

• insidersec / insider
  Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…
  ☆516Updated 2 years ago
• appsecco / dvna
  Damn Vulnerable NodeJS Application
  ☆705Updated 7 months ago
• auth0 / repo-supervisor
  Scan your code for security misconfiguration, search for passwords and secrets.
  ☆638Updated last year
• NodeSecure / js-x-ray
  JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
  ☆229Updated 2 weeks ago
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆383Updated 2 months ago
• NeuraLegion / brokencrystals
  A Broken Application - Very Vulnerable!
  ☆131Updated last week
• projectdiscovery / nuclei-action
  Vulnerability Scan with Nuclei
  ☆242Updated this week
• AppThreat / sast-scan
  Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…
  ☆147Updated 4 years ago
• ajinabraham / nodejsscan
  nodejsscan is a static security code scanner for Node.js applications.
  ☆2,399Updated last week
• righettod / poc-graphql
  Research on GraphQL from an AppSec point of view.
  ☆408Updated last year
• Skyscanner / whispers
  Identify hardcoded secrets in static structured text
  ☆476Updated last year
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆302Updated 9 months ago
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆808Updated last year
• secureCodeBox / secureCodeBox
  secureCodeBox (SCB) - continuous secure delivery out of the box
  ☆784Updated this week
• tcosolutions / betterscan
  Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
  ☆818Updated this week
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆262Updated 4 years ago
• imperva / automatic-api-attack-tool
  Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…
  ☆457Updated last year
• jesusprubio / awesome-nodejs-pentest
  Delightful Node.js packages useful for penetration testing, exploiting, reverse engineer, cryptography ...
  ☆418Updated 3 years ago
• visma-prodsec / confused
  Tool to check for dependency confusion vulnerabilities in multiple package management systems
  ☆701Updated 3 months ago
• Fuzzapi / API-fuzzer
  API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities
  ☆387Updated 7 years ago
• softwaresecured / secure-code-review-checklist
  A starter secure code review checklist
  ☆178Updated 5 years ago
• semgrep / semgrep-rules
  Semgrep rules registry
  ☆809Updated this week
• koenbuyens / securityheaders
  Check any website (or set of websites) for insecure security headers.
  ☆245Updated last year
• assetnote / batchql
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆367Updated last year
• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆578Updated last month
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆332Updated 3 years ago
• sonatype-nexus-community / auditjs
  Audits an NPM package.json file to identify known vulnerabilities.
  ☆223Updated last week
• cider-security-research / top-10-cicd-security-risks
  ☆400Updated last year
• davisjam / vuln-regex-detector
  Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
  ☆320Updated 2 years ago
• OWASP / Docker-Security
  Getting a handle on container security
  ☆632Updated 11 months ago