Alternatives and similar repositories for vulncost

Users that are interested in vulncost are comparing it to the libraries listed below

• ossf / package-manager-best-practices
  Collection of security best practices for package managers.
  ☆162Updated 2 years ago
• UlisesGascon / check-my-headers
  Fast and simple way to check any HTTP Headers
  ☆45Updated last year
• webschik / tslint-config-security
  TSLint security rules
  ☆69Updated 4 years ago
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆236Updated 5 months ago
• lirantal / eslint-plugin-anti-trojan-source
  ESLint plugin to detect and stop Trojan Source attacks
  ☆77Updated 2 years ago
• google / tsec
  ☆132Updated 2 months ago
• lirantal / detect-secrets
  A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets
  ☆50Updated 3 years ago
• sonatype-nexus-community / auditjs
  Audits an NPM package.json file to identify known vulnerabilities.
  ☆227Updated 6 months ago
• GoogleCloudPlatform / wombat-dressing-room
  proxy designed to reduce the attack surface of npm publish
  ☆115Updated 2 weeks ago
• fregante / ghat
  🛕 Reuse GitHub Actions workflows across repositories
  ☆265Updated 4 years ago
• zaproxy / zap-api-nodejs
  ☆49Updated last week
• NodeSecure / js-x-ray
  JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
  ☆242Updated this week
• lirantal / anti-trojan-source
  Detect trojan source attacks that employ unicode bidi attacks to inject malicious code
  ☆47Updated 2 years ago
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆120Updated 3 months ago
• GoogleChromeLabs / perf-track
  Tracking framework performance and usage at scale
  ☆153Updated 7 months ago
• lirantal / lockfile-lint
  Lint an npm or yarn lockfile to analyze and detect security issues
  ☆792Updated 2 weeks ago
• snyk-labs / snync
  Mitigate security concerns of Dependency Confusion supply chain security risks
  ☆46Updated 2 years ago
• mozilla / observatory-cli
  ☆191Updated 6 months ago
• lirantal / npq
  🎖safely* install packages with npm or yarn by auditing them as part of your install process
  ☆985Updated 8 months ago
• salesforce / lobster-pot
  Scans every git push to your Github organisations to find unwanted secrets.
  ☆87Updated last week
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆56Updated 8 months ago
• rouanw / npm-audit-helper
  Helps you understand and work through npm audit results
  ☆19Updated 2 years ago
• nice-registry / all-the-package-repos
  🌍 Normalized repository URLs for every package in the npm registry. Updated daily.
  ☆85Updated this week
• papandreou / seespee
  Create a Content-Security-Policy for a website based on the statically detectable relations
  ☆76Updated last year
• yaakov123 / hagana
  NodeJS runtime protection for supply chain attacks
  ☆141Updated 2 years ago
• watson / ci-info
  Get details about the current Continuous Integration environment
  ☆341Updated 2 months ago
• google / node-sec-roadmap
  Some thoughts on how Node.js might respond to a changing security environment
  ☆173Updated 6 years ago
• electron / sheriff
  Controls and monitors organization permissions across GitHub, Slack and GSuite. Built with ❤️ by The Electron Team
  ☆147Updated this week
• Open-Source-Security-Coalition / Open-Source-Security-Coalition
  ☆39Updated 4 years ago
• tldrrun / tools.tldr.run
  A curated list of security tools for Hackers & Builders!
  ☆99Updated 9 months ago