snyk / vulncost

Related projects ⓘ

Alternatives and complementary repositories for vulncost

• ossf / package-manager-best-practices
  Collection of security best practices for package managers.
  ☆159Updated 2 years ago
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆231Updated this week
• webschik / tslint-config-security
  TSLint security rules
  ☆70Updated 4 years ago
• davisjam / vuln-regex-detector
  Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
  ☆320Updated 2 years ago
• sonatype-nexus-community / auditjs
  Audits an NPM package.json file to identify known vulnerabilities.
  ☆223Updated last week
• nodejs / security-advisories
  Security advisories for Node.js and the JavaScript ecosystem.
  ☆41Updated 3 years ago
• lirantal / detect-secrets
  A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets
  ☆49Updated 2 years ago
• lirantal / learning-http-security-headers-book
  Hands-on practical use of HTTP security headers as browser security controls to help secure web applications
  ☆18Updated last year
• lirantal / eslint-plugin-anti-trojan-source
  ESLint plugin to detect and stop Trojan Source attacks
  ☆76Updated last year
• UlisesGascon / check-my-headers
  Fast and simple way to check any HTTP Headers
  ☆45Updated last year
• mozilla / observatory-cli
  ☆189Updated last month
• google / tsec
  ☆128Updated last week
• OWASP / cwe-sdk-javascript
  A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
  ☆33Updated 3 weeks ago
• NodeSecure / js-x-ray
  JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
  ☆229Updated 2 weeks ago
• google / node-sec-roadmap
  Some thoughts on how Node.js might respond to a changing security environment
  ☆172Updated 5 years ago
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆375Updated last week
• google / csp-evaluator
  ☆330Updated 3 weeks ago
• gigsboat / cli
  Do you have a boatload of speaking gigs? Use this CLI to manage them all!
  ☆34Updated 2 years ago
• WICG / sanitizer-api
  ☆228Updated 2 months ago
• microsoft / parallel-prettier
  Concurrent prettier runner
  ☆205Updated 5 months ago
• nickdeis / eslint-plugin-no-secrets
  An eslint plugin to find strings that might be secrets/credentials
  ☆137Updated 2 weeks ago
• yaakov123 / hagana
  NodeJS runtime protection for supply chain attacks
  ☆142Updated 2 years ago
• Open-Source-Security-Coalition / Open-Source-Security-Coalition
  ☆39Updated 4 years ago
• zaproxy / zap-api-nodejs
  ☆46Updated last week
• snyk-labs / snync
  Mitigate security concerns of Dependency Confusion supply chain security risks
  ☆40Updated 2 years ago
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆55Updated 2 months ago
• npm / ci-detect
  Detect what kind of CI environment the program is in
  ☆53Updated last year
• microsoft / sarif-js-sdk
  JavaScript code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oas…
  ☆27Updated 5 months ago
• lirantal / anti-trojan-source
  Detect trojan source attacks that employ unicode bidi attacks to inject malicious code
  ☆47Updated last year
• github / ossar-action
  Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).
  ☆95Updated 7 months ago