Retire.js

There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules. grunt-retire scans your grunt-enabled app for use of vulnerable JavaScript libraries and/or node modules. Scans visited sites for references to insecure libraries and puts warnings in the developer console. An icon on the address bar displays will also indicate if vulnerable libraries were loaded. Retire.js has been adapted as a plugin for the penetration testing tools Burp and OWASP ZAP.

Features

A command line scanner
A grunt plugin
A Chrome extension
A Firefox extension
Burp and OWASP Zap plugin
Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow Retire.js

Retire.js Web Site

Other Useful Business Software

$300 Free Credits for Your Google Cloud Projects

Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.

Start Free Trial

Rate This Project

User Reviews

Be the first to post a review of Retire.js!

Additional Project Details

Programming Language

JavaScript

Related Categories

JavaScript Security Software, JavaScript Browser Extensions and Plugins, JavaScript Libraries, JavaScript Penetration Testing Tool

Registered

2022-05-09

Similar Business Software

Shift

Shift is a fully customizable browser where you can drag and drop apps, bars, and controls to create a central hub that adapts to however you work. Integrate 1,500+ apps, swap instantly between Spaces for work, side hustles or personal browsing, and stay logged into multiple accounts at once....

See Software
Reflectiz

Reflectiz is a web exposure management platform that helps organizations identify, monitor, and mitigate security, privacy, and compliance risks across their online environments. It provides full visibility and control over first, third, and fourth-party components like scripts, trackers, and...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
SOCRadar Extended Threat Intelligence

SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack...

See Software
CBT Nuggets

Learning IT doesn’t have to mean boring lectures, the frantic pace of bootcamps, or lots of time away from your job or family. With CBT Nuggets, you can train anytime, anywhere, at your own pace — all from the comfort of your office chair or living room couch. Our training team is made up of...

See Software
Criminal IP

Criminal IP is a cyber threat intelligence solution that provides decision-ready threat intelligence, and attack surface management solutions to security teams worldwide. By continuously scanning the global internet, Criminal IP aggregates and contextualizes threat signals across IPs, domains,...

See Software