Alternatives and similar repositories for awesome-nodejs-pentest:

Users that are interested in awesome-nodejs-pentest are comparing it to the libraries listed below

• appsecco / dvna
  Damn Vulnerable NodeJS Application
  ☆707Updated 8 months ago
• jesusprubio / strong-node
  More than 100 security checks for your Node.js API
  ☆502Updated 7 months ago
• cr0hn / vulnerable-node
  A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…
  ☆450Updated 3 months ago
• pownjs / pown
  Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.
  ☆260Updated last year
• ropnop / serverless_toolkit
  A collection of useful Serverless functions I use when pentesting
  ☆381Updated last year
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆395Updated 4 months ago
• geeksonsecurity / vuln-web-apps
  A curated list of vulnerable web applications.
  ☆263Updated 11 months ago
• bugbountyforum / XSS-Radar
  ☆320Updated 6 years ago
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆376Updated 2 weeks ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆395Updated 4 years ago
• cr0hn / nosqlinjection_wordlists
  This repository contains payload to test NoSQL Injections
  ☆352Updated 3 years ago
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆347Updated 4 years ago
• dsopas / assessment-mindset
  Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
  ☆731Updated 2 years ago
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆366Updated 3 years ago
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆444Updated 5 years ago
• Fuzzapi / fuzzapi
  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
  ☆634Updated 3 years ago
• lirantal / essential-nodejs-security-book
  Documentation for Essential Node.js Security
  ☆95Updated last year
• EdOverflow / megplus
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆302Updated 6 years ago
• pownjs / recon
  A powerful target reconnaissance framework powered by graph theory.
  ☆421Updated 2 years ago
• M507 / AWAE-Preparation
  This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.
  ☆235Updated 5 years ago
• righettod / poc-graphql
  Research on GraphQL from an AppSec point of view.
  ☆410Updated last year
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆521Updated last year
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆484Updated 3 years ago
• danilabs / tools-tbhm
  Tools of "The Bug Hunters Methodology V2 by @jhaddix"
  ☆197Updated 7 years ago
• gwen001 / s3-buckets-finder
  Find AWS S3 buckets and test their permissions.
  ☆368Updated last year
• RhinoSecurityLabs / SleuthQL
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆466Updated 5 years ago
• prodigysml / Dr.-Watson
  Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…
  ☆214Updated 5 years ago
• sneakerhax / TTPs
  Red Team Tactics, Techniques, and Procedures
  ☆394Updated last month
• TyrantSec / Fuzzing
  Fuzzing Payloads to Assist in Web Application Testing.
  ☆166Updated 5 years ago