Categories: Kali Linux

Electronegativity : A Tool to Identify Misconfigurations & Security Anti-Patterns in Electron Applications

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron-based applications.

Software developers and security auditors can use this tool to detect and mitigate potential weaknesses and implementation bugs when developing applications using Electron.

A good understanding of Electron (in)security is still required when using it, as some of the potential issues detected by the tool require manual investigation.

Also Read : PHP : Security Check List 2019

Installation

Major releases are pushed to NPM and can be simply installed using:

$ npm install @doyensec/electronegativity -g

Usage

$ electronegativity -h

OptionDescription
-Voutput the version number
-i, –inputinput (directory, .js, .html, .asar)
-o, –outputsave the results to a file in csv or sarif format
-c, –checksonly run the specified checks, passed in csv format
-h, –helpoutput usage information

Using it to look for issues in a directory containing an Electron app:

$ electronegativity -i /path/to/electron/app

Using the tool to look for issues in an asar archive and saving the results in a csv file:

$ electronegativity -i /path/to/asar/archive -o result.csv

Note: If you’re running into the Fatal Error “JavaScript heap out of memory”, you can run node using node –max-old-space-size=4096 electronegativity -i /path/to/asar/archive -o result.csv

Credit :  Claudio MerloniIbram MarzoukJaroslav Lobačevski and many other contributors.

R K

Recent Posts

SpyAI : Intelligent Malware With Advanced Capabilities

SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…

1 day ago

Proxmark3 : The Ultimate Tool For RFID Security And Analysis

The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…

1 day ago

Awesome Solana Security : Enhancing Program Development

The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…

1 day ago

IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow

The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…

1 day ago

AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities

AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…

1 day ago

Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation

Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…

1 day ago