express-enforces-ssl is a Node.js module designed to enforce HTTPS connections for Express.js applications. The module automatically redirects HTTP requests to HTTPS using a 301 permanent redirect status code. The tool operates as Express middleware that intercepts incoming requests and checks their encryption status. When a non-encrypted HTTP request is detected, it performs an automatic redirection to the corresponding HTTPS URL. The module includes support for reverse proxy environments commonly used by cloud platforms like Heroku and Nodejitsu. In these scenarios, the trustProxy parameter must be configured to ensure proper functionality behind load balancers. Installation is handled through npm package manager, and implementation requires enabling the 'trust proxy' setting in Express applications when operating behind reverse proxies. The module integrates into existing Express applications through standard middleware configuration.
FEATURES
SIMILAR TOOLS
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A brute-force protection middleware for express routes that rate-limits incoming requests.
An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.