Application Security for Npm
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle. Task: Npm
Browse 24 security tools
FEATURED
USE CASES
Detects and blocks malicious/vulnerable open source packages in supply chains.
Tool for searching, comparing, and evaluating open source dependencies.
Bot defense platform protecting websites, mobile apps, and APIs from attacks
Malware-resistant software libraries rebuilt from source for multiple languages
Software supply chain security platform detecting malware in dependencies
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
Reverts sha1 integrity back to sha512 in lock files for enhanced security.
A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.
Package verification tool for npm with various verification and testing capabilities.
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
A tool to run YARA rules against node_module folders to identify suspicious scripts
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
Lint lockfiles for improved security and trust policies.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.
A Fastify plugin that provides utilities and middleware to protect web applications against Cross-Site Request Forgery (CSRF) attacks.
A command-line tool for downloading Android APK files from the Appland platform via npm installation.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.