jsoverson / badjs.org

Related projects ⓘ

Alternatives and complementary repositories for badjs.org

• spaceraccoon / npm-zoo
  A zoo for malicious NPM packages
  ☆20Updated last year
• eikendev / sectxt
  A library & tool for probing, parsing, and validating security.txt files as specified in RFC 9116
  ☆13Updated 6 months ago
• intruder-io / param-miner
  Fork of https://github.com/PortSwigger/param-miner for header smuggling research
  ☆12Updated 2 years ago
• wspr-ncsu / mininode
  Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis.
  ☆22Updated last year
• projectdiscovery / subfinder-action
  Fast and passive subdomain enumeration.
  ☆14Updated 2 years ago
• projectdiscovery / dnsx-action
  Fast and multi-purpose DNS toolkit allow to run multiple DNS queries.
  ☆10Updated 2 years ago
• doyensec / imagemagick-security-policy-evaluator
  The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a…
  ☆14Updated last year
• projectdiscovery / naabu-action
  A fast port scanner written in go with a focus on reliability and simplicity.
  ☆16Updated 2 weeks ago
• lirantal / js-vulns-detector
  Inject JS to the DOM to find vulnerable JavaScript libraries
  ☆10Updated last month
• snyk-labs / snync
  Mitigate security concerns of Dependency Confusion supply chain security risks
  ☆40Updated 2 years ago
• PortSwigger / javascript-security
  A Burp Suite extension which performs checks for cross-domain scripting against the DOM, subresource integrity checks, and evaluates Java…
  ☆8Updated 2 years ago
• christophetd / abusing-cloudflare-workers
  Abusing Cloudflare Workers to establish persistence and exfiltrate sensitive data at the edge.
  ☆12Updated 2 years ago
• disclose / dnssecuritytxt
  A standard allowing organizations to nominate security contact points and policies via DNS TXT records.
  ☆31Updated last year
• 0xdea / advisories
  A collection of my public security advisories.
  ☆23Updated 5 months ago
• PortSwigger / piper
  Piper Burp Suite Extender plugin
  ☆13Updated 3 years ago
• projectdiscovery / notify-action
  Notify is a helper utility written in Go that allows you to post output to multiple platforms.
  ☆15Updated 2 years ago
• OWASP / cwe-sdk-javascript
  A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
  ☆33Updated 2 weeks ago
• zaproxy / front-end-tracker
  ☆14Updated last year
• zmap / pybulkwhois
  Python framework for manipulating bulk WHOIS data from RIRs
  ☆19Updated 2 years ago
• gwen001 / gitgrep
  Webapp to perform regexp search over GitHub search.
  ☆17Updated last year
• spaceraccoon / npm-scan
  An extensible, heuristic-based vulnerability scanning tool for installed npm packages
  ☆50Updated 3 years ago
• lirantal / express-security-txt
  A Node.js middleware for Express that implements Security.txt - A Method for Web Security Policies
  ☆18Updated 2 years ago
• OllieJC / findsecuritycontacts.com
  ☆21Updated 3 months ago
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆55Updated 2 months ago
• 1Password / burp-1password-session-analyzer
  Burp plugin for the 1Password session protocol for use by security researchers. https://bugcrowd.com/agilebits
  ☆53Updated 11 months ago
• abusech / YARAify
  Open YARA scan- and search engine
  ☆16Updated last year
• sodejm / Pentest-Scripts
  Useful scripts I have made for pentests. (nothing pretty)
  ☆9Updated last year
• davinerd / gql_intruder
  A plugin based GraphQL vulnerability assessment tool.
  ☆13Updated 3 years ago
• PortSwigger / handy-collaborator
  Burp Suite plugin created for using Collaborator tool during manual testing
  ☆19Updated 2 years ago
• carlospolop / github_archive_scraper
  ☆16Updated last year