NodeJsScan Logo

NodeJsScan

0
Free
Application Security
Nodejs
Sast
Static Analysis
Security Testing
Devsecops
Visit Website

NodeJsScan is a static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. It is made in India and supports NodeJsScan through donations via Paypal. The tool can be run using Docker or set up locally by installing Postgres and configuring SQLALCHEMY_DATABASE_URI. It also provides a web user interface, a Command Line Interface (CLI), a Python API, and integrations with Slack for alerts.

FEATURES

ALTERNATIVES

BurpSmartBuster Logo
BurpSmartBuster

A Burp Suite content discovery plugin that adds smart functionality to the Buster plugin.

Free
Application Security
APISec Logo
APISec

An automated API security testing platform that provides continuous vulnerability assessment, validation, and educational resources for API endpoint security.

Commercial
Application Security
Dependencies Logo
Dependencies

An open-source modern Dependency Walker for Windows developers.

Free
Application Security
sdc-check Logo
sdc-check

Tool to inform about potential risks in project dependencies list.

Free
Application Security
Miggo Security Logo
Miggo Security

Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security

Commercial
Application Security
ArmorCode Platform Logo
ArmorCode Platform

A centralized application security posture management platform that integrates security tools, automates workflows, and provides visibility into application security risks.

Commercial
Application Security
Contrast Code Security Platform Logo
Contrast Code Security Platform

The Contrast Runtime Security Platform is a suite of application security tools that integrates security into the software development lifecycle and production environments, including IAST, SAST, RASP, and SCA capabilities.

Commercial
Application Security
Checkmarx SCA Logo
Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Commercial
Application Security

PINNED

Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
PTJunior Logo

PTJunior

An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.

Offensive Security
CTIChef.com Detection Feeds Logo

CTIChef.com Detection Feeds

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

Threat Management
ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security