ajinabraham / njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
☆399Updated 6 months ago
Alternatives and similar repositories for njsscan
Users that are interested in njsscan are comparing it to the libraries listed below
Sorting:
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆839Updated last year
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆536Updated 3 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆907Updated this week
- nodejsscan is a static security code scanner for Node.js applications.☆2,467Updated 2 months ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆465Updated 8 months ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆148Updated 4 years ago
- JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.☆242Updated last week
- A starter secure code review checklist☆182Updated 6 years ago
- Delightful Node.js packages useful for penetration testing, exploiting, reverse engineer, cryptography ...☆425Updated 3 years ago
- Research on GraphQL from an AppSec point of view.☆414Updated last year
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆393Updated 7 years ago
- Mitigate security concerns of Dependency Confusion supply chain security risks☆46Updated 2 years ago
- Generic SAST Library☆131Updated 6 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆472Updated 2 years ago
- Security Auditor Utility for GraphQL APIs☆455Updated 2 months ago
- Getting a handle on container security☆650Updated last year
- Damn Vulnerable NodeJS Application☆728Updated last year
- Audits an NPM package.json file to identify known vulnerabilities.☆227Updated 6 months ago
- DOM XSS scanner for Single Page Applications☆409Updated last month
- Scan your code for security misconfiguration, search for passwords and secrets.☆646Updated last year
- Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan☆859Updated last month
- ☆190Updated 6 months ago
- A Broken Application - Very Vulnerable!☆159Updated this week
- Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.☆206Updated 11 months ago
- Predict Mongo ObjectIds☆132Updated 7 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆385Updated 2 years ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,619Updated 2 weeks ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆715Updated 8 months ago
- A comprehensive list of software composition analysis tools.☆146Updated 11 months ago
- ☆412Updated 2 years ago