Alternatives and similar repositories for salvation:

Users that are interested in salvation are comparing it to the libraries listed below

• mozfreddyb / eslint-plugin-scanjs-rules
  rules for scanjs functionality
  ☆28Updated 3 years ago
• mozfreddyb / eslint-config-scanjs
  umbrella config to achieve scanjs-like functionality through eslint
  ☆88Updated 3 years ago
• YahooArchive / secure-handlebars
  Handlebars Context Pre-compiler
  ☆45Updated 6 years ago
• google / safe-html-types
  Security contract types
  ☆60Updated 2 years ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 9 months ago
• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆11Updated 5 years ago
• YahooArchive / csptester
  A quick and easy way to test CSP behavior on modern browsers
  ☆49Updated 6 years ago
• c0nrad / caspr
  Content-Security-Policy report aggregator/analyzer
  ☆54Updated 4 years ago
• w3c / webappsec-suborigins
  Suborigins
  ☆25Updated 3 years ago
• w3c / websec
  Web security drafts
  ☆31Updated 5 years ago
• mozilla / scanjs
  [DEPRECATED] Static analysis tool for javascript code.
  ☆428Updated 3 years ago
• hackvertor / MentalJS
  JavaScript parser and sandbox
  ☆78Updated 8 years ago
• w3c / webappsec-subresource-integrity
  WebAppSec Subresource Integrity
  ☆71Updated 3 months ago
• mikewest / deprecating-document-domain
  `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
  ☆16Updated last year
• bahmutov / ban-sensitive-files
  Checks filenames to be committed against a library of filename rules to prevent sensitive files in Git
  ☆64Updated last week
• pauljt / scanjs
  Static analysis tool for javascript code based. Scanjs uses Esprima to convert sources to AST, then walks AST looking for patterns.
  ☆54Updated 10 years ago
• tc39 / security
  Discussion area for security aspects of ECMAScript
  ☆64Updated 7 years ago
• google / certificate-transparency-rfcs
  Certificate Transparency RFC
  ☆80Updated 3 years ago
• w3c / webappsec-csp
  WebAppSec Content Security Policy
  ☆215Updated last week
• trailofbits / http-security
  Parse HTTP Security Headers
  ☆36Updated 4 months ago
• skepticfx / domstorm
  A dashboard for interesting DOM tricks/techniques.
  ☆36Updated 4 years ago
• cure53 / jPurify
  jPurify
  ☆66Updated 7 years ago
• mozilla / security
  Repository for various tools around security
  ☆42Updated 6 months ago
• seanmonstar / hood
  Cover your head. Security headers middlware
  ☆21Updated 11 years ago
• hannob / superfishy
  Archive of software and other data involved in the Superfish / Komodia incident
  ☆60Updated 5 years ago
• mozilla / wikimo_content
  WikiMo documentation (mainly the security space, but everyone's welcome to use this)
  ☆65Updated last year
• dxa4481 / Damn-Vulnerable-Redis-Container
  An example of obtaining RCE via Redis and CSRF
  ☆76Updated 8 years ago
• evilpacket / xss.io
  ☆74Updated 11 years ago
• skepticfx / fuzzcat
  Fuzzing web services in style with nodejs
  ☆11Updated 5 years ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 8 months ago