24 tools and resources
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
A simple, secure framework for building scalable applications
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
Cybersecurity project for security monitoring of Node.js applications.
Exhaustive checklist for securing Node.js web services with a focus on error handling and custom error pages.
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
A library for validating and accessing environment variables in Node.js programs
Check for known vulnerabilities in your Node.js installation.
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.
A vulnerable website in Node.js for testing security source code analyzers.
Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.
Yara module for Node.js
Taxii2 server for interacting with TAXII services.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Web-based tool for browsing mobile application sandboxes and previewing SQLite databases.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
A list of disposable email domains to detect or block disposable accounts
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
A Node.js Ebook by GENTILHOMME Thomas, covering Node.js development and resources
Gamma Ray is software that helps developers look for vulnerabilities in their Node.js applications, with a pluggable infrastructure for integration with vulnerability databases.