welsonjs/SECURITY.MD

1.3 KiB

Security Note for WelsonJS

Caution

This repository includes recent cases on how to access Windows APIs and functions at the JavaScript level.

This way can provide a flexible development environment for anyone, but it also applies to those with malicious purposes.

Using this project to create an abuse tools (e.g. DoS attack) may be subject to punishment in your country.

Please use it only to create a web technology based application similar to Electron or legally testing tool.

Known use cases

In general, WelsonJS is used in the following situations.

  • Test web accessibility and compliance: e.g. W3C standards(WEB-ARIA, WCAG), The national laws(ADA/DDA, GDPR)
  • Explore vulnerabilities of equipment within the local network
  • Improve availablity of a clients of VPN or Proxy
  • Build automation, CD/CI(Continuous Integration/Continuous Delivery), DevOps, SecOps

Note 1: If you deviate from the previous case mentioned above, please contact us before using it.

Note 2: A similar approach that WelsonJS uses has been called LOLBins in the cyber security community since 2018. This is not intended to be but you will get useful hints you need for extensions.

Report abuse

If you find any abuse cases of this project, please report it.