snyk / vulncostLinks
Find security vulnerabilities in open source npm packages while you code
☆210Updated 3 years ago
Alternatives and similar repositories for vulncost
Users that are interested in vulncost are comparing it to the libraries listed below
Sorting:
- Fast and simple way to check any HTTP Headers☆46Updated 2 years ago
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆237Updated last month
- ESLint plugin to detect and stop Trojan Source attacks☆78Updated 2 years ago
- Security advisories for Node.js and the JavaScript ecosystem.☆40Updated 4 years ago
- TSLint security rules☆69Updated 5 years ago
- A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets☆51Updated 3 years ago
- Collection of security best practices for package managers.☆164Updated 3 years ago
- Audits an NPM package.json file to identify known vulnerabilities.☆230Updated 3 months ago
- JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.☆256Updated last week
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆50Updated 4 years ago
- NodeJS runtime protection for supply chain attacks☆141Updated 3 years ago
- Detect trojan source attacks that employ unicode bidi attacks to inject malicious code☆47Updated 2 years ago
- A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC☆32Updated 9 months ago
- 🛕 Reuse GitHub Actions workflows across repositories☆267Updated 4 years ago
- Hands-on practical use of HTTP security headers as browser security controls to help secure web applications☆18Updated 2 years ago
- ☆192Updated 11 months ago
- Derive property based testing fast-check into a fuzzer for REST APIs☆39Updated 4 years ago
- Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.☆336Updated 3 years ago
- Tool to export test reports from the Snyk CLI to HTML.☆100Updated 3 weeks ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆61Updated 4 months ago
- Mitigate security concerns of Dependency Confusion supply chain security risks☆49Updated 3 months ago
- Some thoughts on how Node.js might respond to a changing security environment☆173Updated 6 years ago
- Create a Content-Security-Policy for a website based on the statically detectable relations☆77Updated 4 months ago
- proxy designed to reduce the attack surface of npm publish☆119Updated 2 months ago
- ☆41Updated 5 years ago
- Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository☆191Updated 11 months ago
- ESLint security plugin for Node.js☆105Updated last year
- Tracking framework performance and usage at scale☆153Updated last year
- Lint an npm or yarn lockfile to analyze and detect security issues☆823Updated 5 months ago
- Controls and monitors organization permissions across GitHub, Slack and GSuite. Built with ❤️ by The Electron Team☆149Updated last week