PortSwigger
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
Important security headers for Fastify. It is a tiny wrapper around helmet. Usage: Simply require this plugin, and the basic security headers will be set. const fastify = require('fastify')() const helmet = require('@fastify/helmet') fastify.register( helmet, // Example disables the `contentSecurityPolicy` middleware but keeps the rest. { contentSecurityPolicy: false } ) fastify.listen({ port: 3000 }, err => { if (err) throw err }) How it works: @fastify/helmet is a tiny wrapper around helmet that adds an 'onRequest' hook and a reply.helmet decorator. It accepts the same options as helmet, and you can see more in the helmet documentation. Apply Helmet to all your application routes: By passing { global: true } into the options, @fastify/helmet allows you to register Helmet for all your application routes by default. If you want a more granular control on how to apply Helmet to your application you can choose to disable it on a global scope by passing { global: false } to the options. By default, this option is set to true. Example - enable @fastify/helmet globally: fastify.register(helmet) // or fastify.register(helmet, { global: true })
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
Open Redirection Analyzer
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
YLS Language Server for YARA Language with comprehensive features and Python 3.8 support.
A third-party Nginx module that prevents common web attacks by reading a small subset of simple rules containing 99% of known patterns involved in website vulnerabilities.
A honeypot trap for Symfony2 forms to reduce spam submissions.