Skip to content
/ nodejsscan Public
forked from ajinabraham/nodejsscan

nodejsscan is a static security code scanner for Node.js applications.

opensecurity.in

License

GPL-3.0 license
0 stars 332 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ganesh2183/nodejsscan

BranchesTags

Repository files navigation

NodeJsScan

Static security code scanner (SAST) for Node.js applications.

platform License python Build Status Requirements Status

Configure & Run NodeJsScan

Install Postgres and configure SQLALCHEMY_DATABASE_URI in core/settings.py

pip3 install -r requirements.txt
python3 migrate.py # Run once to create database entries required
python3 app.py # Testing Environment
gunicorn -b 0.0.0.0:9090 app:app --workers 3 --timeout 10000 # Production Environment

This will run NodeJsScan on http://0.0.0.0:9090

If you need to debug, set DEBUG = True in core/settings.py

Command Line Interface and Python API

Docker

NodeJsScan Docker images can be built for both the Web UI and CLI version.

docker build -t nodejsscan .
docker run -it -p 9090:9090 nodejsscan

DockerHub

Prebuilt Docker images are available from DockerHub.

docker pull opensecurity/nodejsscan
docker run -it -p 9090:9090 opensecurity/nodejsscan:latest

Learn Node.js Security: Pentesting and Exploitation

OpSecX Video Course

NodeJsScan Web UI

NodeJsScan

Static Analysis

NodeJsScan Static Scan Results NodeJsScan Static Scan Vulnerability Details NodeJsScan CLI

About

nodejsscan is a static security code scanner for Node.js applications.

opensecurity.in

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • CSS 81.1%
  • HTML 10.5%
  • Python 7.3%
  • Other 1.1%