NodeJsScan

Static security code scanner (SAST) for Node.js applications.

How to Configure

Install Postgres and configure SQLALCHEMY_DATABASE_URI in core/settings.py
Run pip install -r requirements.txt
Run python createdb.py
Run python app.py

This will run NodeJsScan on http://0.0.0.0:9090 If you need to debug, set DEBUG = True in core/settings.py

NodeJsScan CLI

The command line interface (CLI) allows you to integrate NodeJsScan with DevSecOps CI/CD pipelines. The results are in JSON format. When you use CLI the results are never stored with NodeJsScan backend.

python cli.py -d <node_js_source_code>

Learn Node.js Security: Pentesting and Exploitation

OpSecX Video Course

Docker

docker build -t nodejsscan .
docker run -it -p 9090:9090 nodejsscan

DockerHub

docker pull opensecurity/nodejsscan
docker run -it -p 9090:9090 opensecurity/nodejsscan:latest

Name		Name	Last commit message	Last commit date
Latest commit History 105 Commits
core		core
static		static
templates		templates
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
app.py		app.py
cli.py		cli.py
createdb.py		createdb.py
database.py		database.py
models.py		models.py
requirements.txt		requirements.txt
start.sh		start.sh

License

we45/NodeJsScan

Folders and files

Latest commit

History

Repository files navigation

NodeJsScan

How to Configure

NodeJsScan CLI

Learn Node.js Security: Pentesting and Exploitation

Docker

DockerHub

NodeJsScan Web UI

Static Analysis

About

Resources

License

Stars

Watchers

Forks

Languages