@fastify/helmet
Important security headers for Fastify. It is a tiny wrapper around helmet. Usage: Simply require this plugin, and the basic security headers will be set. const fastify = require('fastify')() const helmet = require('@fastify/helmet') fastify.register( helmet, // Example disables the `contentSecurityPolicy` middleware but keeps the rest. { contentSecurityPolicy: false } ) fastify.listen({ port: 3000 }, err => { if (err) throw err }) How it works: @fastify/helmet is a tiny wrapper around helmet that adds an 'onRequest' hook and a reply.helmet decorator. It accepts the same options as helmet, and you can see more in the helmet documentation. Apply Helmet to all your application routes: By passing { global: true } into the options, @fastify/helmet allows you to register Helmet for all your application routes by default. If you want a more granular control on how to apply Helmet to your application you can choose to disable it on a global scope by passing { global: false } to the options. By default, this option is set to true. Example - enable @fastify/helmet globally: fastify.register(helmet) // or fastify.register(helmet, { global: true })
FEATURES
ALTERNATIVES
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
Arnica is an application security platform that offers real-time scanning, risk mitigation, and management across various aspects of the software development lifecycle.
A set of 48 practical programming exercises in cryptography and application security
A popular free security tool for automatically finding security vulnerabilities in web applications
Fnord is a pattern extractor for obfuscated code that extracts byte sequences and creates statistics, as well as generates experimental YARA rules.
A Windows Kernel driver intentionally vulnerable to help improve skills in kernel-level exploitation.
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.