内容简介:Static security code scanner (SAST) for Node.js applications powered byMade with in India
nodejsscan
Static security code scanner (SAST) for Node.js applications powered by njsscan and semgrep .
Made with in India
e-Learning Courses & Certifications
OpSecX Node.js Security: Pentesting and Exploitation - NJS
Run nodejsscan
docker pull opensecurity/nodejsscan:latest docker run -it -p 9090:9090 opensecurity/nodejsscan:latest
Try nodejsscan online:
Setup nodejsscan locally
Install Postgres and configure SQLALCHEMY_DATABASE_URI in nodejsscan/settings.py or as environment variable.
From version 4 onwards, windows support is dropped.
git clone https://github.com/ajinabraham/nodejsscan.git cd nodejsscan python3 -m venv venv source venv/bin/activate pip install -r requirements.txt python3 manage.py recreate_db # Run once to create database entries
To run nodejsscan
./run.sh
This will run nodejsscan web user interface at http://127.0.0.1:9090
Command Line Interface(CLI) and Python API
- CLI: https://github.com/ajinabraham/njsscan#command-line-options
- API: https://github.com/ajinabraham/njsscan#python-api
Integrations
Slack Alerts
Create your slack app Slack App and set SLACK_WEBHOOK_URL in nodejsscan/settings.py or as environment variable.
Email Alerts
Configure SMTP settings in nodejsscan/settings.py or as environment variable.
Github Action
- nodejsscan action: https://github.com/ajinabraham/njsscan#github-action
Build Docker image
docker build -t nodejsscan . docker run -it -p 9090:9090 nodejsscan
- CLI Docker Image: https://github.com/ajinabraham/njsscan#build-locally
nodejsscan screenshots
以上所述就是小编给大家介绍的《Node.jsScan: A semantic aware static code analysis tool for Node.js applications》,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持!
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
