tdm00 / retire.js Public

forked from RetireJS/retire.js

Notifications You must be signed in to change notification settings
Fork 0
Star 0

scanner detecting the use of JavaScript libraries with known vulnerabilites

bekk.github.io/retire.js/

0 stars 417 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 94 Commits
chrome		chrome
docs		docs
node		node
repository		repository
.gitignore		.gitignore
README.md		README.md
build_chrome.sh		build_chrome.sh
simpleserver.py		simpleserver.py

Repository files navigation

Retire.js

What you require you must also retire

There is a pletora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay update on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your webapp. The goal of Retire.js is to help you detect the use of JS-library versions with known vulnerabilities.

Retire.js has two parts:

Command line scanner

Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules.

Chrome extension

Scans visisted sites for references to insecure libraries, and puts warnings in the developer console. A icon on the address bar displays will also indicated if vulnerable libraries were loaded.

About

scanner detecting the use of JavaScript libraries with known vulnerabilites

bekk.github.io/retire.js/

Report repository

Releases

No releases published

Packages

No packages published

Languages

JavaScript 97.9%
Shell 1.9%
Python 0.2%