Application Security for Nodejs
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle. Task: Nodejs
Browse 22 security tools
FEATURED
USE CASES
Middleware adding security layer to GraphQL endpoints for JS servers
Runtime application security library blocking zero-days & OWASP Top 10 attacks
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.
A Node.js library for validating environment variables and providing immutable access to configuration values in applications.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A command-line tool for downloading Android APK files from the Appland platform via npm installation.
A Fastify plugin that provides utilities and middleware to protect web applications against Cross-Site Request Forgery (CSRF) attacks.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.