https://github.com/lirantal/js-vulns-detector
Inject JS to the DOM to find vulnerable JavaScript libraries
https://github.com/lirantal/js-vulns-detector
detection detector javascript libraries webpagetest
Last synced: 4 days ago
JSON representation
Inject JS to the DOM to find vulnerable JavaScript libraries
- Host: GitHub
- URL: https://github.com/lirantal/js-vulns-detector
- Owner: lirantal
- License: apache-2.0
- Created: 2020-04-06T16:58:43.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2024-09-25T06:10:13.000Z (7 months ago)
- Last Synced: 2025-03-12T17:51:57.786Z (about 1 month ago)
- Topics: detection, detector, javascript, libraries, webpagetest
- Language: JavaScript
- Size: 1.81 MB
- Stars: 10
- Watchers: 2
- Forks: 3
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
README
js-vulns-detector
Inject JS to the DOM to find vulnerable JavaScript libraries
# About
This module provides a JavaScript bundle that can be injected into the DOM and detect which JavaScript libraries and versions are running, as well as the vulnerabilities associated with them.
This module provides several variation of bundles that can be used:
- Global - provides JavaScript code that is not wrapped, and will call and return a function call result of the data when injected.
# Install
```bash
npm install --save js-vulns-detector
```
# Usage
## One-off invocation
To generate a bundle file:
```sh
npx js-vulns-detector --global --outfile bundle.js
```
## As a library
Access the bundle directly as an npm module:
```js
import 'js-vulns-detector/dist/bundle-global.js'
```
# Contributing
Please consult [CONTRIBUTING](./CONTRIBUTING.md) for guidelines on contributing to this project.
# Author
**js-vulns-detector** © [Liran Tal](https://github.com/lirantal), Released under the [Apache-2.0](./LICENSE) License.