Retire.js helps detect JavaScript library versions with known vulnerabilities in web applications and Node.js projects. It can be used as a command-line scanner, a Grunt plugin, a Gulp task, or integrated into Burp Suite and OWASP ZAP for penetration testing. Key features include:
- Vulnerability Detection: Identifies the use of JavaScript libraries with known vulnerabilities.
- SBOM Generation: Generates Software Bill of Materials (SBOMs) in CycloneDX format.
- Integration: Works as a command-line tool, Grunt plugin, Gulp task, and integrates with Burp and OWASP ZAP.
- Customizable: Allows users to define ignore patterns and customize output formats.