davisjam / vuln-regex-detector

Related projects ⓘ

Alternatives and complementary repositories for vuln-regex-detector

• fuzzitdev / jsfuzz
  coverage guided fuzz testing for javascript
  ☆608Updated 3 years ago
• snyk / vulncost
  Find security vulnerabilities in open source npm packages while you code
  ☆202Updated 2 years ago
• davisjam / safe-regex
  Detect possibly catastrophic, exponential-time regular expressions
  ☆168Updated 2 years ago
• w3c / trusted-types
  A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
  ☆606Updated this week
• superhuman / rxxr2
  ☆141Updated last year
• google / csp-evaluator
  ☆329Updated last week
• gkouziik / eslint-plugin-security-node
  ESLint security plugin for Node.js
  ☆101Updated 8 months ago
• NicolaasWeideman / RegexStaticAnalysis
  A tool to perform static analysis on regexes to determine whether they are vulnerable to ReDoS.
  ☆110Updated 2 years ago
• HoLyVieR / prototype-pollution-nsec18
  Content released at NorthSec 2018 for my talk on prototype pollution
  ☆515Updated 5 months ago
• sonatype-nexus-community / auditjs
  Audits an NPM package.json file to identify known vulnerabilities.
  ☆223Updated 4 months ago
• hapijs / bourne
  JSON.parse() drop-in replacement with prototype poisoning protection
  ☆169Updated 2 weeks ago
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆231Updated last month
• lirantal / lockfile-lint
  Lint an npm or yarn lockfile to analyze and detect security issues
  ☆785Updated last month
• jagracey / RegEx-DoS
  RegEx Denial of Service (ReDos) Scanner
  ☆162Updated 7 years ago
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆375Updated this week
• fastify / secure-json-parse
  JSON.parse() drop-in replacement with prototype poisoning protection
  ☆225Updated last week
• brannondorsey / host-validation
  Express.js middleware for "Host" and "Referer" header validation to protect against DNS rebinding attacks.
  ☆191Updated 2 years ago
• webschik / tslint-config-security
  TSLint security rules
  ☆70Updated 4 years ago
• uhop / node-re2
  node.js bindings for RE2: fast, safe alternative to backtracking regular expression engines.
  ☆497Updated 2 months ago
• google / node-sec-roadmap
  Some thoughts on how Node.js might respond to a changing security environment
  ☆172Updated 5 years ago
• w3c / webappsec-csp
  WebAppSec Content Security Policy
  ☆210Updated 3 weeks ago
• JacksonGL / NPM-Vuln-PoC
  Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
  ☆42Updated 4 months ago
• sola-da / ReDoS-vulnerabilities
  A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-con…
  ☆58Updated 6 years ago
• ossf / package-manager-best-practices
  Collection of security best practices for package managers.
  ☆159Updated 2 years ago
• lirantal / npq
  🎖safely* install packages with npm or yarn by auditing them as part of your install process
  ☆948Updated last month
• szmarczak / cacheable-lookup
  A cacheable dns.lookup(…) that respects TTL
  ☆193Updated 9 months ago
• sola-da / Synode
  Automatically Preventing Code Injection Attacks on Node.js
  ☆78Updated 2 years ago
• CodeIntelligenceTesting / jazzer.js
  Coverage-guided, in-process fuzzing for Node.js
  ☆290Updated 4 months ago
• NodeSecure / js-x-ray
  JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
  ☆229Updated last week