Application Security for Nodejs
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle. Task: Nodejs
Browse 22 security tools
FEATURED
USE CASES
Middleware adding security layer to GraphQL endpoints for JS servers
Runtime application security library blocking zero-days & OWASP Top 10 attacks
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
A Fastify plugin that provides utilities and middleware to protect web applications against Cross-Site Request Forgery (CSRF) attacks.
A command-line tool for downloading Android APK files from the Appland platform via npm installation.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
A Node.js library for validating environment variables and providing immutable access to configuration values in applications.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.