cloudfire
gradejs
cloudfire | gradejs | |
---|---|---|
1 | 16 | |
11 | 402 | |
- | 1.0% | |
10.0 | 0.0 | |
over 1 year ago | over 1 year ago | |
Python | TypeScript | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cloudfire
-
A tool that identifies NPM libraries inside production Webpack bundle by entering a website URL
You could use this to bypass their checks
gradejs
-
Find out which NPM packages are used on your favourite website
That's weird. Could you please provide more details and submit an issue? https://github.com/gradejs/gradejs/issues
-
Open source website bundle analyzer that shows vulnerable NPM packages
I’d like to share an open source project I’ve been working on during the last year. It analyzes production JavaScript code and detects bundled NPM package versions. A vulnerability is shown when a specific detected version contains known vulnerabilities, taken from the Github advisory.
There’s also a dedicated package page, that shows accumulated statistics of a package. It’s like wappalyzer or builtwith but with better accuracy. For example: https://gradejs.com/package/react
So far I’ve only indexed ~10,000 popular websites. The current version works for Webpack bundles with 70-90% accuracy and ~3% false positive. The package detection algorithm is designed to match minified and tree-shaken AST subtrees for each export per bundled JS module.
I'd like to collect any feedback from the community.
Repository: https://github.com/gradejs/gradejs
-
I created a tool, that detects NPM package versions used on a website
Source code: https://github.com/gradejs/gradejs
-
Open source tool that detects bundled NPM packages on a website
Well, the accuracy question is tricky, since there are two problems. A false positive mistake is a tool showing something that IS NOT bundled. A false negative mistake would be a tool NOT showing something that IS bundled. Currently we see ~30% FN and ~5% FP for GradeJS accuracy. More info.
- GradeJS – Production Webpack Bundle Analyzer
-
FOSS: A website scanner that detects vulnerable NPM packages.
Try it out: gradejs.com
-
A tool that identifies NPM libraries inside production Webpack bundle by entering a website URL
Source code: https://github.com/gradejs/gradejs
- GitHub - gradejs/gradejs: GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
-
I made a project that detects NPM package versions bundled into website source code
Link: gradejs.com Source code: github.com/gradejs/gradejs
- Production Webpack bundle analyzer without access to the source code
What are some alternatives?
undetected-chromedriver - Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)
repack - A Webpack-based toolkit to build your React Native application with full support of Webpack ecosystem.
snoop - Snoop — инструмент разведки на основе открытых данных (OSINT world)
BundleMon - A free open-source tool that helps you to monitor your bundle size on every commit and alerts you on changes.
requests-html - Pythonic HTML Parsing for Humans™
nexe - 🎉 create a single executable out of your node.js apps
autoscraper - A Smart, Automatic, Fast and Lightweight Web Scraper for Python
mailgo - 💌 mailgo, a new concept of mailto and tel links [deprecated]
Scrapy - Scrapy, a fast high-level web crawling & scraping framework for Python.
reactn - React, but with built-in global state management.
cloudproxy - Hide your scrapers IP behind the cloud. Provision proxy servers across different cloud providers to improve your scraping success.
yarn.build - Build 🛠 and Bundle 📦 your local workspaces. Like Bazel, Buck, Pants and Please but for Yarn Berry. Build any language, mix javascript, typescript, golang and more in one polyglot repo. Ship your bundles to AWS Lambda, Docker, or any nodejs runtime.