Node.jsScan: A semantic aware static code analysis tool for Node.js applications

栏目: IT技术 · 发布时间: 5年前

内容简介:Static security code scanner (SAST) for Node.js applications powered byMade with in India

nodejsscan

Static security code scanner (SAST) for Node.js applications powered by njsscan and semgrep .

Made with in India

e-Learning Courses & Certifications

Node.jsScan: A semantic aware static code analysis tool for Node.js applications OpSecX Node.js Security: Pentesting and Exploitation - NJS

Run nodejsscan

docker pull opensecurity/nodejsscan:latest
docker run -it -p 9090:9090 opensecurity/nodejsscan:latest

Try nodejsscan online:

Setup nodejsscan locally

Install Postgres and configure SQLALCHEMY_DATABASE_URI in nodejsscan/settings.py or as environment variable.

From version 4 onwards, windows support is dropped.

git clone https://github.com/ajinabraham/nodejsscan.git
cd nodejsscan
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
python3 manage.py recreate_db # Run once to create database entries

To run nodejsscan

./run.sh

This will run nodejsscan web user interface at http://127.0.0.1:9090

Command Line Interface(CLI) and Python API

Node.jsScan: A semantic aware static code analysis tool for Node.js applications

Integrations

Slack Alerts

Create your slack app Slack App and set SLACK_WEBHOOK_URL in nodejsscan/settings.py or as environment variable.

Node.jsScan: A semantic aware static code analysis tool for Node.js applications

Email Alerts

Configure SMTP settings in nodejsscan/settings.py or as environment variable.

Github Action

Build Docker image

docker build -t nodejsscan .
docker run -it -p 9090:9090 nodejsscan

nodejsscan screenshots

Node.jsScan: A semantic aware static code analysis tool for Node.js applications Node.jsScan: A semantic aware static code analysis tool for Node.js applications Node.jsScan: A semantic aware static code analysis tool for Node.js applications Node.jsScan: A semantic aware static code analysis tool for Node.js applications Node.jsScan: A semantic aware static code analysis tool for Node.js applications


以上所述就是小编给大家介绍的《Node.jsScan: A semantic aware static code analysis tool for Node.js applications》,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持!

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

Domain-Driven Design

Domain-Driven Design

Eric Evans / Addison-Wesley Professional / 2003-8-30 / USD 74.99

"Eric Evans has written a fantastic book on how you can make the design of your software match your mental model of the problem domain you are addressing. "His book is very compatible with XP. It is n......一起来看看 《Domain-Driven Design》 这本书的介绍吧!

HTML 压缩/解压工具
HTML 压缩/解压工具

在线压缩/解压 HTML 代码

RGB转16进制工具
RGB转16进制工具

RGB HEX 互转工具

RGB CMYK 转换工具
RGB CMYK 转换工具

RGB CMYK 互转工具