Javascript
Explore 40 curated tools and resources
LATEST ADDITIONS
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
A collection of XSS payloads designed to turn alert(1) into P1
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A Burp extension for scanning JavaScript files for endpoint links
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
A tool to search for Sentry config on a page or in JavaScript files and check for blind SSRF
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
JavaScript library scanner and SBOM generator
Hack with JavaScript XSS'OR tool for encoding/decoding and various XSS related functionalities.
A tool to find S3 buckets from HTML, JS, and bucket misconfiguration testing
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.
Cybersecurity project for security monitoring of Node.js applications.
StegCloak is a JavaScript steganography module for hiding secrets inside text using invisible characters.
Report on a malicious module posing as a cookie parsing library on npm blog archive.
A set of tools for securing JavaScript projects against software supply chain attacks.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
Detect users' operating systems and perform redirection with Apache mod_rewrite.
JavaScript parser, minifier, compressor, and beautifier toolkit with simplified API and CLI.
Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
A tool that reveals invisible links within JavaScript files
Python library and command line tools for log visualization with interactive plots.
Protect against Prototype Pollution vulnerabilities in your application by freezing JavaScript objects.
Phish Report is inaccessible without JavaScript and cookies enabled.
A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.
A detailed analysis of malicious packages and how they work
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
nudge4j is a tool to control Java applications from the browser and experiment with live code.
A javascript malware analysis tool with backend code execution.
A Node.js Ebook by GENTILHOMME Thomas, covering Node.js development and resources
Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
A comprehensive mind map diagram summarizing Javascript syntax and concepts in a single picture.
A comprehensive guide to Python 3 syntax, features, and resources in a single image.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Commercial
Security Operations
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Commercial
Application Security
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Commercial
IAM
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security