sonatype-nexus-community / auditjs

Related projects ⓘ

Alternatives and complementary repositories for auditjs

• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆124Updated 3 weeks ago
• snyk / vulncost
  Find security vulnerabilities in open source npm packages while you code
  ☆202Updated 2 years ago
• CycloneDX / cyclonedx-node-npm
  Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
  ☆73Updated this week
• auth0 / repo-supervisor
  Scan your code for security misconfiguration, search for passwords and secrets.
  ☆638Updated last year
• webschik / tslint-config-security
  TSLint security rules
  ☆70Updated 4 years ago
• zaproxy / zap-api-nodejs
  ☆46Updated last week
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆135Updated 7 months ago
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆375Updated last week
• ESAPI / owasp-esapi-js
  An UNMAINTAINTED project originally exported from code.google.com/p/owasp-esapi-js. This project is deprecated. See the README.md for fur…
  ☆101Updated 3 years ago
• ESAPI / node-esapi
  A minimal port of the old, publicly archived "owasp-esapi-js" (Enterprise Security API for JavaScript) encoder.
  ☆131Updated 2 years ago
• davisjam / vuln-regex-detector
  Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
  ☆320Updated 2 years ago
• artilleryio / artillery-plugin-fuzzer
  Fuzz testing for HTTP APIs with Artillery.io 🌪
  ☆59Updated 2 years ago
• google / node-sec-roadmap
  Some thoughts on how Node.js might respond to a changing security environment
  ☆172Updated 5 years ago
• mozfreddyb / eslint-plugin-scanjs-rules
  rules for scanjs functionality
  ☆28Updated 3 years ago
• AppThreat / sast-scan
  Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…
  ☆147Updated 4 years ago
• purpleteam-labs / purpleteam
  CLI component of OWASP PurpleTeam
  ☆124Updated 11 months ago
• mozfreddyb / eslint-config-scanjs
  umbrella config to achieve scanjs-like functionality through eslint
  ☆88Updated 3 years ago
• naugtur / npm-audit-resolver
  ☆121Updated last year
• ICTU / zap2docker-auth-weekly
  Zap baseline scanner in Docker with authentication
  ☆104Updated 6 months ago
• snyk / snyk-to-html
  export test reports from CLI to html
  ☆87Updated last week
• lirantal / detect-secrets
  A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets
  ☆49Updated 2 years ago
• CycloneDX / gh-node-module-generatebom
  GitHub action to generate a CycloneDX SBOM for Node.js
  ☆21Updated 4 months ago
• IBM / audit-ci
  Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found a…
  ☆263Updated 2 months ago
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆213Updated 6 months ago
• bellingard / sonar-scanner-npm
  SonarQube Scanner for the JavaScript world
  ☆176Updated last year
• snyk / broker
  A broker system between a public service and a private service
  ☆99Updated this week
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆231Updated this week
• OWASP / Serverless-Top-10-Project
  OWASP Serverless Top 10
  ☆213Updated 3 years ago
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆188Updated 6 years ago
• checkmarx-ltd / cx-flow
  Checkmarx Scan and Result Orchestration
  ☆88Updated this week