is-website-vulnerable is a command-line tool that scans websites to identify publicly known security vulnerabilities in frontend JavaScript libraries. The tool analyzes JavaScript libraries used by a website and cross-references them against Snyk's vulnerability database to detect known security issues. The tool operates without requiring special setup or configuration and can be deployed through multiple methods including command line interface, Docker containers, or as a GitHub Action. When vulnerabilities are discovered, the tool provides detailed information about the security issues found in the JavaScript libraries. The scanner focuses specifically on frontend JavaScript dependencies and libraries, making it suitable for identifying client-side security risks. It integrates into existing development workflows and continuous integration pipelines through its GitHub Action implementation. The tool leverages Snyk's vulnerability database as its source of truth for known security vulnerabilities, ensuring coverage of publicly disclosed security issues affecting JavaScript libraries commonly used in web applications.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.