Nodejs
Browse 38 nodejs tools
FEATURED
Middleware adding security layer to GraphQL endpoints for JS servers
Runtime application security library blocking zero-days & OWASP Top 10 attacks
A proof-of-concept Node.js tool that demonstrates automated MFA bypass techniques for Microsoft Outlook accounts using browser automation.
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.
NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.
A Node.js CLI tool that automates the setup of CTF events using OWASP Juice Shop challenges across multiple CTF frameworks.
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
A Node.js library for validating environment variables and providing immutable access to configuration values in applications.
Check for known vulnerabilities in your Node.js installation.
A collection of CLI tools and API utilities for searching and filtering GitHub repositories by various criteria including keywords, users, organizations, and repository attributes.
A HackerOne-managed bug bounty program dedicated to identifying and fixing security vulnerabilities in the Node.js ecosystem.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
A vulnerable web site in NodeJS for testing security source code analyzers.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A command-line tool for downloading Android APK files from the Appland platform via npm installation.
