ajinabraham / njsscanLinks
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
☆402Updated 7 months ago
Alternatives and similar repositories for njsscan
Users that are interested in njsscan are comparing it to the libraries listed below
Sorting:
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆540Updated 3 years ago
- DOM XSS scanner for Single Page Applications☆411Updated 3 weeks ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆725Updated 10 months ago
- JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.☆252Updated this week
- Generic SAST Library☆131Updated last week
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆474Updated 2 years ago
- nodejsscan is a static security code scanner for Node.js applications.☆2,475Updated last month
- Damn Vulnerable NodeJS Application☆737Updated last year
- ☆196Updated 7 months ago
- Awesome information for WebSockets security research☆271Updated 3 years ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆397Updated 7 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆381Updated 3 years ago
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- Predict Mongo ObjectIds☆136Updated 7 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆205Updated 2 years ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆222Updated last year
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆929Updated this week
- Private key usage verification☆431Updated 2 months ago
- Benchmarking repo for secrets scanning☆232Updated 10 months ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆316Updated last year
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆386Updated 2 years ago
- Check any website (or set of websites) for insecure security headers.☆251Updated 2 years ago
- Content released at NorthSec 2018 for my talk on prototype pollution☆531Updated last year
- secretz, minimizing the large attack surface of Travis CI☆326Updated 3 years ago
- Find secrets in your codebase☆123Updated 3 months ago
- A simple SSRF-testing sheriff written in Go☆327Updated 7 months ago
- Security Auditor Utility for GraphQL APIs☆477Updated 4 months ago
- Client Side Prototype Pollution Scanner☆518Updated 2 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆177Updated 2 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆424Updated 3 weeks ago