dep-scan icon indicating copy to clipboard operation
dep-scan copied to clipboard

Published 20 hours ago verified publisher icon owasp-dep-scan

Simulate ua-parser attack to assess dep-scan

Open prabhu opened this issue 3 years ago • 0 comments

It is not clear if the risk audit feature of dep-scan caught the ua-parser.js attack. My guess is that it should've checked for the presence of the preinstall script and flagged this up. But will be nice to emulate and validate the feature.

prabhu avatar Oct 25 '21 09:10 prabhu