Browse 33 npm tools
Detects and blocks malicious/vulnerable open source packages in supply chains.
Tool for searching, comparing, and evaluating open source dependencies.
Scans public internet for leaked cloud service keys and verifies them.
Bot defense platform protecting websites, mobile apps, and APIs from attacks.
Agent-based server security monitoring with vulnerability and compliance scanning.
Malware-resistant software libraries rebuilt from source for multiple languages.
Software supply chain security platform detecting malware in dependencies.
Scans repositories for exposed secrets, API keys, and credentials for bug bounty.
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
A tool to run YARA rules against node_module folders to identify suspicious scripts.
NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.
A Node.js CLI tool that automates the setup of CTF events using OWASP Juice Shop challenges across multiple CTF frameworks.
Reverts sha1 integrity back to sha512 in lock files for enhanced security.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
A collection of CLI tools and API utilities for searching and filtering GitHub repositories by various criteria including keywords, users, organizations, and repository attributes.
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
A tool that checks for hijackable packages in NPM and Python PyPI registries.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
Identifies 137 malicious npm packages and gathers system information to a remote server.
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.