shapesecurity / salvation

Related projects: ⓘ

• mozfreddyb / eslint-config-scanjs
  umbrella config to achieve scanjs-like functionality through eslint
  ☆88Updated 3 years ago
• c0nrad / caspr
  Content-Security-Policy report aggregator/analyzer
  ☆54Updated 4 years ago
• mozfreddyb / eslint-plugin-scanjs-rules
  rules for scanjs functionality
  ☆28Updated 3 years ago
• YahooArchive / csptester
  A quick and easy way to test CSP behavior on modern browsers
  ☆49Updated 6 years ago
• YahooArchive / secure-handlebars
  Handlebars Context Pre-compiler
  ☆45Updated 6 years ago
• w3c / webappsec-subresource-integrity
  WebAppSec Subresource Integrity
  ☆70Updated last year
• w3c / webappsec-suborigins
  Suborigins
  ☆25Updated 3 years ago
• yahoo / context-parser
  A robust HTML5 context parser that parses HTML 5 web pages and reports the execution context of each character.
  ☆41Updated 5 years ago
• mozilla / csp-logger
  Log all the CSP violations!
  ☆55Updated last year
• mozilla / scanjs
  [DEPRECATED] Static analysis tool for javascript code.
  ☆428Updated 3 years ago
• w3c / websec
  Web security drafts
  ☆31Updated 5 years ago
• google / safe-html-types
  Security contract types
  ☆61Updated last year
• mikewest / signature-based-sri
  Signature-based Resource Loading Restrictions
  ☆17Updated 6 years ago
• google / certificate-transparency-rfcs
  Certificate Transparency RFC
  ☆80Updated 3 years ago
• w3c / webappsec-referrer-policy
  WebAppSec Referrer Policy
  ☆26Updated 3 weeks ago
• bahmutov / ban-sensitive-files
  Checks filenames to be committed against a library of filename rules to prevent sensitive files in Git
  ☆62Updated this week
• tc39 / security
  Discussion area for security aspects of ECMAScript
  ☆64Updated 6 years ago
• bekk / retire.js
  retire.js has a new home
  ☆20Updated 9 years ago
• w3c / webappsec-csp
  WebAppSec Content Security Policy
  ☆207Updated last week
• mozilla / wikimo_content
  WikiMo documentation (mainly the security space, but everyone's welcome to use this)
  ☆63Updated 8 months ago
• groupon / codeburner
  Security-focused static code analysis for everyone
  ☆82Updated 5 years ago
• w3c / fingerprinting-guidance
  What is browser fingerprinting and how should specification authors address it.
  ☆56Updated 8 months ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 4 months ago
• 18F / https
  (Deprecated) https guidance for the 18F team
  ☆156Updated 7 years ago
• cure53 / jPurify
  jPurify
  ☆64Updated 7 years ago
• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆10Updated 4 years ago
• WICG / csp-next
  A Modest Content Security Proposal
  ☆39Updated 3 years ago
• mikesamuel / attack-review-testbed
  Make it easy to probe the strengths and weaknesses of a hardened Node.js stack
  ☆19Updated 5 years ago
• hackvertor / MentalJS
  JavaScript parser and sandbox
  ☆78Updated 8 years ago
• w3c / network-error-logging
  Network Error Logging
  ☆80Updated 3 weeks ago