GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → fingerprintjs → gradejs

fingerprintjs / gradejs

Licence: MIT license
GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

Programming Languages

typescript
32286 projects
SCSS
7915 projects
javascript
184084 projects - #8 most used programming language
shell
77523 projects
HTML
75241 projects

Labels

npmwebpackbundlevulnerabilitybugbountybundlingvulnerability-detectionpackage-managementsecurity-toolswebsite-security

Projects that are alternatives of or similar to gradejs

Whour
Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-95.03%)
Mutual labels:  vulnerability, vulnerability-detection
Openvas Scanner
Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+191.71%)
Mutual labels:  vulnerability, vulnerability-detection
Trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+2572.1%)
Mutual labels:  vulnerability, vulnerability-detection
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+8990.88%)
Mutual labels:  vulnerability, bugbounty
Howtohunt
Tutorials and Things to Do while Hunting Vulnerability.
Stars: ✭ 2,996 (+727.62%)
Mutual labels:  vulnerability, bugbounty
Command Injection Payload List
🎯 Command Injection Payload List
Stars: ✭ 658 (+81.77%)
Mutual labels:  vulnerability, bugbounty
Vulnx
vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+178.73%)
Mutual labels:  vulnerability, vulnerability-detection
Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-93.37%)
Mutual labels:  vulnerability, bugbounty
Vulscan
Advanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+536.74%)
Mutual labels:  vulnerability, vulnerability-detection
Arissploit
Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-68.51%)
Mutual labels:  vulnerability, vulnerability-detection
Api
Vulners Python API wrapper
Stars: ✭ 313 (-13.54%)
Mutual labels:  vulnerability, vulnerability-detection
Awsome Security Write Ups And Pocs
Awesome Writeups and POCs
Stars: ✭ 246 (-32.04%)
Mutual labels:  vulnerability, bugbounty
NSE-scripts
NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-70.99%)
Mutual labels:  vulnerability, vulnerability-detection
Vfeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+128.18%)
Mutual labels:  vulnerability, vulnerability-detection
SQL Injection Payload
SQL Injection Payload List
Stars: ✭ 62 (-82.87%)
Mutual labels:  vulnerability, vulnerability-detection
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+145.03%)
Mutual labels:  vulnerability, bugbounty
browserrecon-php
Advanced Web Browser Fingerprinting
Stars: ✭ 29 (-91.99%)
Mutual labels:  vulnerability, vulnerability-detection
PastebinMarkdownXSS
XSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-76.8%)
Mutual labels:  vulnerability, bugbounty
Pentest Guide
Penetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+263.54%)
Mutual labels:  vulnerability, bugbounty
Killshot
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Stars: ✭ 237 (-34.53%)
Mutual labels:  vulnerability, vulnerability-detection
View All Similar Projects ➔

GradeJS

GradeJS is an open-source project that allows you to analyze webpack production bundles without having access to the source code of a website. It detects a list of bundled NPM libraries and works even for minified or tree-shaken bundles.

It parses the abstract syntax tree from a JavaScript file, detects the webpack bootstrap entities and localizes module boundaries. A webpack-bundled module usually represents either a single file of an NPM library or a subset of concatenated files. By using built-in AST hash functions, GradeJS generates special signatures per each exported entity, which are retrospectively looked up in the pre-made database index by a matching algorithm. The matching algorithm is quite straightforward and based on a probabilistic approach.

Preview Preview

More info:

How to use

Go to the https://gradejs.com/ and enter a site in the https://example.com format. An analysis is performed server-side. Once the bundle is analyzed, the package name, version, size, and relative percentage size of the packages are returned.

Supported bundlers & packages

Current beta version supports webpack from 3 to 5 and have indexed ~3,000 most popular NPM libraries over ~100,000 releases.

Contributing

We value your feedback, please use Discussions for questions and comments. If you encounter any suspicious behavior, false or missing results, please file a new issue. At this stage, we don't expect direct code contributions yet.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].