Audits JavaScript projects using the OSS Index v3 REST API to identify known vulnerabilities and outdated package versions. Supports any project with package managers that install npm dependencies into a node_modules folder including: npm, Angular, yarn, bower. For users wanting to use Nexus IQ Server as their data source for scanning, version 77 or above must be installed. The user performing the scan must have the permission 'Can Evaluate Applications', which can be found in the Role Editor > User > Permissions > IQ Installation. AuditJS can be used via npx (least permanent install) or global install (most permanent install). It supports node LTS versions of 8.x forward at the moment.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.