Joi Security Logo

Joi Security

0
Free
Visit Website

This project provides a CLI for offensive and defensive security assessments on the Joi validator library. The goal is to ensure that a given Joi validation schema can resist against known security attacks such as SQL injections, path traversal, and SSRF attempts. To get started, install the latest joi-security CLI tool using NPM: npm install -g joi-security. Create a sample JavaScript file containing the Joi schema for login validation and scan the file using the joi-security scan command. The joi-security CLI includes a wide range of attacks like XSS, SQL injections, NoSQL injections, RCE, LFI, Overflow, SSRF, suspicious IP addresses, homograph attacks on domains & email addresses.

FEATURES

ALTERNATIVES

Tool for attacking Active Directory environments through SQL Server access.

Automatic SSRF fuzzer and exploitation tool

Collection of vulnerable ARM binaries for beginner vulnerability researchers & exploit developers.

A full-featured reconnaissance framework for web-based reconnaissance with a modular design.

C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.

A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.

A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions

A tool for Local File Inclusion (LFI) exploitation and scanning

PINNED