GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → OWASP → cwe-sdk-javascript

OWASP / cwe-sdk-javascript

Licence: Apache-2.0 license
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Programming Languages

javascript
184084 projects - #8 most used programming language

Labels

owaspvulnerabilitiescvemitrecwe

Projects that are alternatives of or similar to cwe-sdk-javascript

cwe-tool
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (+122.22%)
Mutual labels:  owasp, vulnerabilities, cve, mitre, cwe
PatrowlHearsData
Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
Stars: ✭ 66 (+266.67%)
Mutual labels:  vulnerabilities, cve, cwe
Sbt Dependency Check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+938.89%)
Mutual labels:  owasp, vulnerabilities, cve
Mobile Security Framework Mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+56633.33%)
Mutual labels:  owasp, cwe
Dependency Check Sonar Plugin
Integrates Dependency-Check reports into SonarQube
Stars: ✭ 332 (+1744.44%)
Mutual labels:  owasp, vulnerabilities
Dependency Track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+3888.89%)
Mutual labels:  owasp, vulnerabilities
Cve Search
cve-search - a tool to perform local searches for known vulnerabilities
Stars: ✭ 1,765 (+9705.56%)
Mutual labels:  vulnerabilities, cve
Awesome Nodejs Security
Awesome Node.js Security resources
Stars: ✭ 1,294 (+7088.89%)
Mutual labels:  owasp, vulnerabilities
Find Sec Bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+9611.11%)
Mutual labels:  owasp, cwe
Bugs-feed
Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+400%)
Mutual labels:  vulnerabilities, cve
Vulnogram
Vulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (+472.22%)
Mutual labels:  cve, cwe
PyParser-CVE
Multi source CVE/exploit parser.
Stars: ✭ 25 (+38.89%)
Mutual labels:  vulnerabilities, cve
Dvws
OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
Stars: ✭ 267 (+1383.33%)
Mutual labels:  owasp, vulnerabilities
Cve Bin Tool
This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.
Stars: ✭ 211 (+1072.22%)
Mutual labels:  vulnerabilities, cve
Hacker ezines
A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (+300%)
Mutual labels:  owasp, vulnerabilities
Vulnix
Vulnerability (CVE) scanner for Nix/NixOS.
Stars: ✭ 161 (+794.44%)
Mutual labels:  vulnerabilities, cve
Patrowlhears
PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (+394.44%)
Mutual labels:  vulnerabilities, cve
Cvebase.com
cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
Stars: ✭ 88 (+388.89%)
Mutual labels:  vulnerabilities, cve
inthewilddb
Hourly updated database of exploit and exploitation reports
Stars: ✭ 127 (+605.56%)
Mutual labels:  vulnerabilities, cve
dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+494.44%)
Mutual labels:  owasp, vulnerabilities
View All Similar Projects ➔

cwe-sdk

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

npm version license downloads build codecov Known Vulnerabilities Responsible Disclosure Policy OWASP CWE Toolkit

Install

yarn add cwe-sdk

Usage

Require the CweManager class and use its methods

const { CweManager } = require('cwe-sdk')

Example

const { CweManager } = require('cwe-sdk')

const cweManager = new CweManager()
const result = cweManager.isChildOf({ weaknessId: '117', parentId: '116' })

console.log(result) // true

Build

This CWE SDK has a build process that prepares the JSON data by downloading the latest version of the CWE archive (e.g. https://cwe.mitre.org/data/xml/cwec_v4.1.xml.zip) and then crunches it to create the following data snapshots:

  1. A mirror JSON object, available at ./raw/cwe-archive.json
  2. A JSON dictionary to easily access CWEs by their ID, available at ./raw/cwe-dictionary.json
  3. A JSON array for the relationship hierarchy between CWEs, available at ./raw/cwe-hierarchy.json

This work is made possible thanks to scripts in ./build/

Contributing

Please consult CONTRIBUTING for guidelines on contributing to this project.

Author

cwe-sdk © Liran Tal, Released under the Apache-2.0 License.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].