pkgsign
pkgsign is a CLI tool for signing and verifying npm and yarn packages. It allows for signing packages with PGP private keys or keybase.io for simplicity. Recently, several packages went missing from the npm registry, highlighting the importance of package signing to prevent unauthorized modifications and ensure trust in package sources.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
An easy-to-use and lightweight API wrapper for Censys APIs with support for Python 3.8+.
Docker file for building Androguard dependencies with an optional interactive shell environment.
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
A Node.js Ebook by GENTILHOMME Thomas, covering Node.js development and resources
An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.
A lightweight CTF platform with simple setup and difficulty-based scoring that removes timezone advantages from competitions.
Bane is an automated AppArmor profile generator for Docker containers that simplifies the creation of security policies with file globbing support and Docker integration.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.