lunasec-io / damn-vulnerable-js-sca
An intentionally vulnerable JavaScript app containing notable vulnerabilities in its dependencies.
★19, updated 2 years ago
Alternatives and similar repositories for damn-vulnerable-js-sca
Users who are interested in damn-vulnerable-js-sca are comparing it to the libraries listed below.
- An Open Letter to the OWASP Board (★107, updated 2 years ago)
- Manager of third-party sources of Semgrep rules (★90, updated last year)
- Unauthenticated enumeration of AWS IAM Roles. (★26, updated 3 months ago)
- Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. (★41, updated last year)
- A cutting edge context aware GraphQL API fuzzing tool! (★155, updated last week)
- A web fuzzer using the httpipe format (★101, updated last year)
- AI Resilience Maturity Model (★25, updated last year)
- A project to visualize the software supply chain (★55, updated 2 years ago)
- HashiCorp-relevant rules for the Semgrep code analysis tool (★41, updated 2 years ago)
- Language-agnostic workflow builder. Modular code that goes from dev to prod in a minute with principled design decisions. (★13, updated last year)
- Scans every git push to your Github organisations to find unwanted secrets. (★87, updated 7 months ago)
- boostsecurityio/poutine (★347, updated 2 weeks ago)
- Security tool against dependency typosquatting attacks (★54, updated this week)
- Semgrep-based Policy Controller for Kubernetes (★47, updated 8 months ago)
- (★30, updated 4 years ago)
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider (★139, updated 4 years ago)
- A web CTF for training developers in bug hunting and secure coding! (★101, updated 11 months ago)
- (★114, updated 2 years ago)
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files (★228, updated 3 weeks ago)
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts. (★278, updated last year)
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows (★114, updated this week)
- Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's … (★594, updated 2 months ago)
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings and collaborate with others (★140, updated last month)
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities) (★34, updated 7 months ago)
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs. (★42, updated 2 years ago)
- A lightweight library to sanitize data provided to AI tools (★28, updated 2 years ago)
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art… (★69, updated 2 weeks ago)
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and… (★155, updated last year)
- Private key usage verification (★433, updated 8 months ago)
- Sample code for finding AWS Account ID of an S3 bucket. (★51, updated last year)