Nuxt Security is a security module designed specifically for Nuxt 3 applications that automatically implements OWASP security patterns and principles through HTTP headers and middleware configuration. The module provides comprehensive security features including security response headers with Content Security Policy (CSP) support for static site generation, request size and rate limiting capabilities, Cross Site Scripting (XSS) validation, and Cross-Origin Resource Sharing (CORS) configuration. Additional security enhancements include hiding the X-Powered-By header, removing console loggers in production, HTTP method restrictions, basic authentication support, and Cross-Site Request Forgery (CSRF) protection. Installation is handled through the Nuxt module system using npx nuxi@latest module add security, which automatically registers route rules and server middlewares globally across the application. Configuration options are managed through the nuxt.config.ts file, allowing developers to customize security settings according to their application requirements. The module includes development tools for generating type stubs and running a development playground for testing security configurations.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
A brute-force protection middleware for express routes that rate-limits incoming requests.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.