Alternatives and similar repositories for awesome-nodejs-pentest

Users that are interested in awesome-nodejs-pentest are comparing it to the libraries listed below

• appsecco / dvna
  Damn Vulnerable NodeJS Application
  ☆743Updated last year
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆409Updated 9 months ago
• pownjs / pown
  Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.
  ☆262Updated 2 years ago
• cr0hn / vulnerable-node
  A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…
  ☆476Updated last year
• righettod / poc-graphql
  Research on GraphQL from an AppSec point of view.
  ☆415Updated 2 years ago
• lirantal / essential-nodejs-security-book
  Documentation for Essential Node.js Security
  ☆97Updated 2 years ago
• Checkmarx / JS-SCP
  JavaScript Secure Coding Practices guide
  ☆181Updated 4 years ago
• ropnop / serverless_toolkit
  A collection of useful Serverless functions I use when pentesting
  ☆388Updated 2 years ago
• cr0hn / nosqlinjection_wordlists
  This repository contains payload to test NoSQL Injections
  ☆365Updated 4 years ago
• jesusprubio / strong-node
  More than 100 security checks for your Node.js API
  ☆511Updated last year
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆416Updated 2 months ago
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆356Updated 4 years ago
• authcov / authcov
  Web app authorisation coverage scanning
  ☆237Updated 2 years ago
• dsopas / assessment-mindset
  Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
  ☆745Updated 3 years ago
• dustyfresh / PHP-vulnerability-audit-cheatsheet
  This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…
  ☆356Updated 5 months ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆396Updated 5 years ago
• lc / secretz
  secretz, minimizing the large attack surface of Travis CI
  ☆327Updated 3 years ago
• wisec / domxsswiki
  Automatically exported from code.google.com/p/domxsswiki
  ☆539Updated 7 years ago
• xsscx / Commodity-Injection-Signatures
  Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
  ☆405Updated 4 months ago
• nccgroup / tracy
  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
  ☆564Updated 2 years ago
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆367Updated 3 years ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆543Updated 2 years ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆492Updated 4 years ago
• proabiral / inception
  A highly configurable Framework for easy automated web scanning
  ☆378Updated 5 years ago
• juice-shop / pwning-juice-shop
  Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"
  ☆229Updated last week
• sneakerhax / TTPs
  Red Team Tactics, Techniques, and Procedures
  ☆410Updated 2 weeks ago
• snyk-labs / exploit-workshop
  A step by step workshop to exploit various vulnerabilities in Node.js and Java applications
  ☆158Updated last year
• bugbountyforum / XSS-Radar
  ☆327Updated 7 years ago
• vitalysim / totalrecon
  TotalRecon installs all the recon tools you need
  ☆464Updated 5 years ago
• geeksonsecurity / vuln-web-apps
  A curated list of vulnerable web applications.
  ☆311Updated last year