Static security code scanner (SAST) for Node.js applications
Project description
# NodeJsScan
Static security code scanner (SAST) for Node.js applications.
### Configure & Install NodeJsScan UI
1. Install Postgres and configure `SQLALCHEMY_DATABASE_URI` in `core/settings.py`
2. Run `pip install -r requirements.txt`
3. Run `python createdb.py`
4. Run `python app.py`
This will run NodeJsScan on `http://0.0.0.0:9090`
If you need to debug, set `DEBUG = True` in `core/settings.py`
### NodeJsScan CLI
The command line interface (CLI) allows you to integrate NodeJsScan with DevSecOps CI/CD pipelines. The results are in JSON format. When you use CLI the results are never stored with NodeJsScan backend.
```
pip install -e git+https://github.com/ajinabraham/NodeJsScan.git#egg=nodejsscan
nodejsscan
usage: nodejsscan [-h] [-d DIRECTORY [DIRECTORY ...]] [-o OUTPUT]
optional arguments:
-h, --help show this help message and exit
-d DIRECTORY [DIRECTORY ...], --directory DIRECTORY [DIRECTORY ...]
Node.js source code directory to scan
-o OUTPUT, --output OUTPUT
Output file to save JSON report
```
### Learn Node.js Security: Pentesting and Exploitation
[OpSecX Video Course](https://opsecx.com/index.php/product/node-js-security-pentesting-and-exploitation/)
### Docker
```
docker build -t nodejsscan .
docker run -it -p 9090:9090 nodejsscan
```
### DockerHub
```
docker pull opensecurity/nodejsscan
docker run -it -p 9090:9090 opensecurity/nodejsscan:latest
```
#### NodeJsScan Web UI
#### Static Analysis
Static security code scanner (SAST) for Node.js applications.
### Configure & Install NodeJsScan UI
1. Install Postgres and configure `SQLALCHEMY_DATABASE_URI` in `core/settings.py`
2. Run `pip install -r requirements.txt`
3. Run `python createdb.py`
4. Run `python app.py`
This will run NodeJsScan on `http://0.0.0.0:9090`
If you need to debug, set `DEBUG = True` in `core/settings.py`
### NodeJsScan CLI
The command line interface (CLI) allows you to integrate NodeJsScan with DevSecOps CI/CD pipelines. The results are in JSON format. When you use CLI the results are never stored with NodeJsScan backend.
```
pip install -e git+https://github.com/ajinabraham/NodeJsScan.git#egg=nodejsscan
nodejsscan
usage: nodejsscan [-h] [-d DIRECTORY [DIRECTORY ...]] [-o OUTPUT]
optional arguments:
-h, --help show this help message and exit
-d DIRECTORY [DIRECTORY ...], --directory DIRECTORY [DIRECTORY ...]
Node.js source code directory to scan
-o OUTPUT, --output OUTPUT
Output file to save JSON report
```
### Learn Node.js Security: Pentesting and Exploitation
[OpSecX Video Course](https://opsecx.com/index.php/product/node-js-security-pentesting-and-exploitation/)
### Docker
```
docker build -t nodejsscan .
docker run -it -p 9090:9090 nodejsscan
```
### DockerHub
```
docker pull opensecurity/nodejsscan
docker run -it -p 9090:9090 opensecurity/nodejsscan:latest
```
#### NodeJsScan Web UI
#### Static Analysis
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
No source distribution files available for this release.See tutorial on generating distribution archives.
Built Distributions
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
nodejsscan-2.6-py2.7.egg
(23.6 kB
view details)
nodejsscan-2.6-py2-none-any.whl
(17.0 kB
view details)
File details
Details for the file nodejsscan-2.6-py2.7.egg.
File metadata
- Download URL: nodejsscan-2.6-py2.7.egg
- Upload date:
- Size: 23.6 kB
- Tags: Egg
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.24.0 CPython/2.7.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fb138e876e08e712af9e928fe3cf6b939a62370a8f6e6941de43ffb8edc989af
|
|
| MD5 |
c3e6a93d78c4ea340c658af4d3d4e28b
|
|
| BLAKE2b-256 |
bf98298c0a69e966507621b50fd1f12bbeca45007876146cf6ff4c43c43200ff
|
File details
Details for the file nodejsscan-2.6-py2-none-any.whl.
File metadata
- Download URL: nodejsscan-2.6-py2-none-any.whl
- Upload date:
- Size: 17.0 kB
- Tags: Python 2
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.19.1 setuptools/40.0.0 requests-toolbelt/0.8.0 tqdm/4.24.0 CPython/2.7.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dc3cecbf85eb73efd955813c92ac344a8ceeaa2d8ff6d32fee524541d1ad309a
|
|
| MD5 |
74c5ceccf545bd05c2f65653a3a3acc8
|
|
| BLAKE2b-256 |
1370b731c8bbf33034ea8081139f188edafec4630ba820d635fc905de7738e93
|
