npm-zoo is a "zoo" for malicious NPM packages: a curated list of known malicious NPM packages, along with information on how to identify and avoid them. It is a valuable resource for developers, security researchers, and anyone looking to ensure the security of their projects and dependencies.
SIMILAR TOOLS
A vulnerable web site in NodeJS for testing security source code analyzers.
Command line interface for managing and inspecting images, policies, subscriptions, and registries with support for various operating systems and packages.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
Automate version scraping and vulnerability scanning for Ruby on Rails stacks.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
A tool that assesses AWS accounts for subdomain hijacking vulnerabilities in Route53 and CloudFront configurations.