Alternatives and similar repositories for auditjs:

Users that are interested in auditjs are comparing it to the libraries listed below

• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆126Updated last month
• webschik / tslint-config-security
  TSLint security rules
  ☆70Updated 4 years ago
• zaproxy / zap-api-nodejs
  ☆49Updated last week
• AppThreat / sast-scan
  Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…
  ☆148Updated 4 years ago
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆393Updated 4 months ago
• snyk / vulncost
  Find security vulnerabilities in open source npm packages while you code
  ☆205Updated 2 years ago
• ICTU / zap2docker-auth-weekly
  Zap baseline scanner in Docker with authentication
  ☆103Updated 10 months ago
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆398Updated 2 years ago
• CycloneDX / cyclonedx-node-npm
  Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
  ☆82Updated last week
• OWASP / www-project-api-security
  OWASP Foundation Web Repository
  ☆47Updated 3 months ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆142Updated 11 months ago
• auth0 / repo-supervisor
  Scan your code for security misconfiguration, search for passwords and secrets.
  ☆644Updated last year
• OWASP / www-project-secure-headers
  The OWASP Secure Headers Project
  ☆153Updated this week
• naugtur / npm-audit-resolver
  ☆123Updated last year
• lirantal / detect-secrets
  A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets
  ☆50Updated 2 years ago
• nodejs / security-advisories
  Security advisories for Node.js and the JavaScript ecosystem.
  ☆41Updated 3 years ago
• ESAPI / node-esapi
  A minimal port of the old, publicly archived "owasp-esapi-js" (Enterprise Security API for JavaScript) encoder.
  ☆136Updated 2 years ago
• davisjam / vuln-regex-detector
  Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
  ☆321Updated 3 years ago
• google / node-sec-roadmap
  Some thoughts on how Node.js might respond to a changing security environment
  ☆173Updated 6 years ago
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆235Updated 4 months ago
• artilleryio / artillery-plugin-fuzzer
  Fuzz testing for HTTP APIs with Artillery.io 🌪
  ☆60Updated 2 years ago
• mikesamuel / attack-review-testbed
  Make it easy to probe the strengths and weaknesses of a hardened Node.js stack
  ☆19Updated 5 years ago
• OWASP / user-security-stories
  Repo to hold mapping of user-security-stories
  ☆118Updated 6 years ago
• spaceraccoon / npm-scan
  An extensible, heuristic-based vulnerability scanning tool for installed npm packages
  ☆50Updated 3 years ago
• mikesamuel / node-sec-patterns
  Security design pattern support for Node.js
  ☆24Updated 5 years ago
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆836Updated last year
• we45 / ThreatPlaybook
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆278Updated this week
• SecurityRAT / SecurityRAT
  OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
  ☆178Updated 3 months ago
• dpnishant / jsprime
  a javascript static security analysis tool
  ☆589Updated 9 years ago
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆274Updated 2 years ago