Jump to content
Nytro

JSpwn - JavaScript Static Code Analysis

By Nytro, in Programe securitate

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

Copyright

Duarte Monteiro (etraud123) JSPwn

Nishant Das Patnaik (nishant.dp@) JsPrime

Paul Theriault (pauljt) Scanjs

JSpwn

JavaScript Static Code Analysis

JSPwn is a modified version of Scanjs + JSPrime. This tool allow the developers to detect Sinks And Sources of their Applications and find XSS vulnerabilities and DOM XSS (Beta).

With the engine of ScanJS to detect vulnerabilities and the code flux feature of JSprime, this app has the compatibility of detect the vulnerabilities point and backtrack the code.

Example

Open app: node server.js; Go to: http://localhost:4000/client/#/scan; Select File from folder; Enable REGEXP Custom;

Link: https://github.com/Etraud123/JSpwn

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...