Alternatives and similar repositories for vulncost

Users that are interested in vulncost are comparing it to the libraries listed below

• UlisesGascon / check-my-headers
  Fast and simple way to check any HTTP Headers
  ☆46Updated 2 years ago
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆237Updated 3 months ago
• nodejs / security-advisories
  Security advisories for Node.js and the JavaScript ecosystem.
  ☆40Updated 4 years ago
• ossf / package-manager-best-practices
  Collection of security best practices for package managers.
  ☆164Updated 3 years ago
• webschik / tslint-config-security
  TSLint security rules
  ☆69Updated 5 years ago
• lirantal / eslint-plugin-anti-trojan-source
  ESLint plugin to detect and stop Trojan Source attacks
  ☆79Updated last month
• lirantal / detect-secrets
  A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets
  ☆52Updated 3 years ago
• OWASP / cwe-sdk-javascript
  A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
  ☆32Updated 11 months ago
• davisjam / vuln-regex-detector
  Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
  ☆338Updated 3 years ago
• spaceraccoon / npm-scan
  An extensible, heuristic-based vulnerability scanning tool for installed npm packages
  ☆50Updated 4 years ago
• zaproxy / zap-api-nodejs
  ☆56Updated last week
• snyk-labs / snync
  Mitigate security concerns of Dependency Confusion supply chain security risks
  ☆50Updated 5 months ago
• twilio-labs / deadshot
  Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
  ☆191Updated last year
• yaakov123 / hagana
  NodeJS runtime protection for supply chain attacks
  ☆142Updated 3 years ago
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆418Updated last year
• gkouziik / eslint-plugin-security-node
  ESLint security plugin for Node.js
  ☆106Updated last year
• lirantal / anti-trojan-source
  Detect Glassworm & trojan source attacks that employ unicode bidi attacks to inject malicious code
  ☆57Updated 3 weeks ago
• mozilla / observatory-cli
  ☆191Updated last year
• google / node-sec-roadmap
  Some thoughts on how Node.js might respond to a changing security environment
  ☆173Updated 6 years ago
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆61Updated 6 months ago
• electron / sheriff
  Controls and monitors organization permissions across GitHub, Slack and GSuite. Built with ❤️ by The Electron Team
  ☆149Updated 3 weeks ago
• GoogleCloudPlatform / wombat-dressing-room
  proxy designed to reduce the attack surface of npm publish
  ☆119Updated last week
• fregante / ghat
  🛕 Reuse GitHub Actions workflows across repositories
  ☆267Updated 4 years ago
• lirantal / learning-http-security-headers-book
  Hands-on practical use of HTTP security headers as browser security controls to help secure web applications
  ☆18Updated 2 years ago
• snyk / snyk-to-html
  Tool to export test reports from the Snyk CLI to HTML.
  ☆101Updated 2 weeks ago
• jeemok / better-npm-audit
  The goal of this project is to provide additional features on top of the existing npm audit options
  ☆129Updated 3 weeks ago
• dubzzz / fuzz-rest-api
  Derive property based testing fast-check into a fuzzer for REST APIs
  ☆39Updated 4 years ago
• Open-Source-Security-Coalition / Open-Source-Security-Coalition
  ☆41Updated 5 years ago
• snyk-labs / eslint-plugin-react-security
  ESLint plugin with rules for finding security issues in React projects.
  ☆19Updated 5 months ago
• google / strict-csp
  ☆48Updated 2 months ago