davisjam / vuln-regex-detector
Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
☆320Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for vuln-regex-detector
- Detect possibly catastrophic, exponential-time regular expressions☆168Updated 2 years ago
- A tool to perform static analysis on regexes to determine whether they are vulnerable to ReDoS.☆110Updated 2 years ago
- Find security vulnerabilities in open source npm packages while you code☆202Updated 2 years ago
- A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.☆606Updated this week
- ☆330Updated 3 weeks ago
- JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.☆229Updated 2 weeks ago
- ☆141Updated last year
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆375Updated last week
- Content released at NorthSec 2018 for my talk on prototype pollution☆515Updated 5 months ago
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆231Updated this week
- WebAppSec Content Security Policy☆210Updated last month
- Audits an NPM package.json file to identify known vulnerabilities.☆223Updated last week
- node.js bindings for RE2: fast, safe alternative to backtracking regular expression engines.☆502Updated 2 months ago
- Express.js middleware for "Host" and "Referer" header validation to protect against DNS rebinding attacks.☆191Updated 2 years ago
- coverage guided fuzz testing for javascript☆608Updated 3 years ago
- ESLint security plugin for Node.js☆101Updated 9 months ago
- RegEx Denial of Service (ReDos) Scanner☆162Updated 7 years ago
- A minimal port of the old, publicly archived "owasp-esapi-js" (Enterprise Security API for JavaScript) encoder.☆131Updated 2 years ago
- JSON.parse() drop-in replacement with prototype poisoning protection☆225Updated this week
- JSON.parse() drop-in replacement with prototype poisoning protection☆169Updated 3 weeks ago
- Node.js Ecosystem Security Working Group☆501Updated 3 weeks ago
- 🎖safely* install packages with npm or yarn by auditing them as part of your install process☆955Updated 2 months ago
- Some thoughts on how Node.js might respond to a changing security environment☆172Updated 5 years ago
- A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-con…☆58Updated 6 years ago
- NodeJS runtime protection for supply chain attacks☆142Updated 2 years ago
- TSLint security rules☆70Updated 4 years ago
- Coverage-guided, in-process fuzzing for Node.js☆289Updated 5 months ago
- Automatically Preventing Code Injection Attacks on Node.js☆78Updated 2 years ago
- Gracefully terminates HTTP(S) server.☆324Updated last year