sonatype-nexus-community / auditjs
Audits an NPM package.json file to identify known vulnerabilities.
☆223Updated last week
Related projects ⓘ
Alternatives and complementary repositories for auditjs
- creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects☆124Updated 3 weeks ago
- Find security vulnerabilities in open source npm packages while you code☆202Updated 2 years ago
- Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.☆73Updated this week
- Scan your code for security misconfiguration, search for passwords and secrets.☆638Updated last year
- TSLint security rules☆70Updated 4 years ago
- ☆46Updated last week
- Software Component Verification Standard (SCVS)☆135Updated 7 months ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆375Updated last week
- An UNMAINTAINTED project originally exported from code.google.com/p/owasp-esapi-js. This project is deprecated. See the README.md for fur…☆101Updated 3 years ago
- A minimal port of the old, publicly archived "owasp-esapi-js" (Enterprise Security API for JavaScript) encoder.☆131Updated 2 years ago
- Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.☆320Updated 2 years ago
- Fuzz testing for HTTP APIs with Artillery.io 🌪☆59Updated 2 years ago
- Some thoughts on how Node.js might respond to a changing security environment☆172Updated 5 years ago
- rules for scanjs functionality☆28Updated 3 years ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆147Updated 4 years ago
- CLI component of OWASP PurpleTeam☆124Updated 11 months ago
- umbrella config to achieve scanjs-like functionality through eslint☆88Updated 3 years ago
- ☆121Updated last year
- Zap baseline scanner in Docker with authentication☆104Updated 6 months ago
- export test reports from CLI to html☆87Updated last week
- A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets☆49Updated 2 years ago
- GitHub action to generate a CycloneDX SBOM for Node.js☆21Updated 4 months ago
- Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found a…☆263Updated 2 months ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆213Updated 6 months ago
- SonarQube Scanner for the JavaScript world☆176Updated last year
- A broker system between a public service and a private service☆99Updated this week
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆231Updated this week
- OWASP Serverless Top 10☆213Updated 3 years ago
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆188Updated 6 years ago
- Checkmarx Scan and Result Orchestration☆88Updated this week