JavaScript Vulnerabilities

Open-source JavaScript projects categorized as Vulnerabilities

Top 8 JavaScript Vulnerability Projects

  • Retire.js

    scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

  • awesome-nodejs-security

    Awesome Node.js Security resources

    Project mention: Using insecure npm package manager defaults to steal your macOS keyboard shortcuts | dev.to | 2023-06-29

    Many other JavaScript and Node.js security incidents are curated on the Awesome Node.js Security repository.

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

  • pwndoc

    Pentest Report Generator

    Project mention: sysreptor alternatives - writehat, Serpico, ReportGen, and pwndoc | libhunt.com/r/sysreptor | 2023-05-02
  • is-website-vulnerable

    finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

  • npq

    🎖safely* install packages with npm or yarn by auditing them as part of your install process

    Project mention: I wish more developers understood the constant stream of malware that is posted to npm | /r/node | 2023-06-25

    You might also want to look at npq which is an open source project that helps you proactively defend against potentially bad (malicious) npm packages before installing them.

  • sandworm-audit

    Security & License Compliance For Your App's Dependencies 🪱

    Project mention: Anyone else’s project use so many deprecated packages | /r/node | 2023-06-08

    use https://github.com/sandworm-hq/sandworm-audit. if u run it for your app the deprecated libraries will show up in the list of issues found (contributor)

  • scan-action

    Anchore container analysis and scan provided as a GitHub Action

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • CVEAggregate

    Build a CVE library with aggregated CISA, EPSS and CVSS data

    Project mention: CVEAggregate: Build a CVE library with aggregated CISA, EPSS and CVSS data | /r/blueteamsec | 2023-09-03
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-09-03.

JavaScript Vulnerabilities related posts

Index

What are some of the best open-source Vulnerability projects in JavaScript? This list will help you:

Project Stars
1 Retire.js 3,488
2 awesome-nodejs-security 2,555
3 pwndoc 1,986
4 is-website-vulnerable 1,896
5 npq 837
6 sandworm-audit 465
7 scan-action 186
8 CVEAggregate 27
The modern identity platform for B2B SaaS
The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
workos.com