
Joi Security

Free

This project provides a CLI for offensive and defensive security assessments of the Joi validator library. The goal is to ensure that a given Joi validation schema can withstand known attacks such as SQL injection, path traversal, and SSRF attempts. To get started, install the latest joi-security CLI tool using NPM: npm install -g joi-security. Create a sample JavaScript file containing the Joi schema for login validation, then scan the file using the joi-security scan command. The joi-security CLI includes a wide range of attacks such as XSS, SQL injection, NoSQL injection, RCE, LFI, overflow, SSRF, suspicious IP addresses, and homograph attacks on domains and email addresses.


ALTERNATIVES

SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.

Check if a domain is in the Alexa or Cisco top one million domain list.

A fuzzing framework for Android that creates corrupt media files to identify potential vulnerabilities.

A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.

Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.

A visual guide illustrating attack paths and techniques for exploiting vulnerabilities in GitHub Actions configurations.

APT Simulator is a tool for simulating a compromised system on Windows.

A standard for conducting penetration tests, covering seven main sections from planning to reporting.