75 Repositories
JavaScript security Libraries
Use Cloudflare Gateway DNS/VPN to block ads, malware and tracking domains - free alternative to NextDNS, Pi-hole and Adguard
Cloudflare Gateway Pi-hole Scripts (CGPS) Cloudflare Gateway allows you to create custom rules to filter HTTP, DNS, and network traffic based on your
StarkNet support extension for VSCode. Visualize StarkNet contracts: view storage variables, external and view functions, and events.
StarkNet Explorer extension This VSCode extension quickly shows relevant aspects of StarkNet contracts: Storage variables of the current contract, and
Beautiful Visualizations For Your App's Dependencies 🧭
Beautiful Visualizations For Your App's Dependencies 🪱 Outputs SVGs Powered by D3 Overlays security vulnerabilities Works with npm & yarn Made by the
POC OF CVE-2022-21970
CVE-2022-21970 Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This vulnerability allows an attacker to execute java
EL/ASI: Encrypt Locally, Account Secure Interchange
EL/ASI: Local App Security Protocol EL/ASI (Encrypt Locally, Account Secure Interchange) defines a protocol for protecting and exchanging data in loca
A browser extension to test the most basic security issues.
Ninja-Hacker-Cat Sidebar for Firefox This Firefox extension can check your website for the most basic security issues and data leaks. It's an easy way
⛴️ Docker extension for deepfence/SecretScanner 🔐
SecretScanner Docker Extension How to install in Docker Desktop ? Note: Method to install this extension will change once SecretScanner extension is a
Simple and customizable security middleware for GraphQL servers in Deno.
GuarDenoQL Simple and customizable security middleware for GraphQL servers in Deno Features Integrates with an Opine server in a Deno runtime. Enables
Improve the security of your API by detecting common vulnerabilities as defined by OWASP and enforced with Spectral.
Spectral OWASP API Security Scan an OpenAPI document to detect security issues. As OpenAPI is only describing the surface level of the API it cannot s
Monitor your code for exposed API keys, tokens, credentials, and high-risk security IaC misconfigurations
Spectral VS Code extension The Spectral VS Code extension is a tool for developers that want to catch security issues (such as credentials, tokens and
Easy auditing & sandboxing for your JavaScript dependencies 🪱
Easy auditing & sandboxing for your JavaScript dependencies 🪱 TL;DR Sandworm intercepts all sensitive Node & browser APIs, like child_process.exec or
Full dynamic tool kit that is capable of deobfuscating and producing a javascript representation of Shape's Virtual Machine obfuscation
Shape Security Decompiler Tool-Kit This tool kit is capable of dynamically deobfuscating all versions of shape security's virtual machine interpreter
Infisical — Sync your .env securely in seconds.
Infisical Infisical is a simple, end-to-end encrypted secrets manager for your .env files. It enables teams to securely sync and manage .env files in
Coverage-guided, in-process fuzzing for the Node.js
Jazzer.js Jazzer.js is a coverage-guided, in-process fuzzer for the Node.js platform developed by Code Intelligence. It is based on libFuzzer and brin
Metlo is an open-source API security platform.
Metlo API Security Secure Your API. Metlo is an open-source API security platform Create an Inventory of all your API Endpoints. Proactively test your
Shield is a development framework for circom developers. The core reason is to provide libraries, plugins, and testing tools to ensure code quality and security.
SHIELD Shield is a development framework for circom developers but we plan it to other languages such as CAIRO, SNARKYJS etc. The core reason is to pr
Best fast responsive discord anti nuke bot made in javascript using Discord JS@v13
Security Plus Security Plus is an advanced anti nuke bot for discord server, developed in JavaScript by using discord.js@v13, Security Plus don't all
🛡️ Dead-simple, yet highly customizable security middleware for Apollo GraphQL servers and Envelop 🛡️
GraphQL Armor 🛡️ GraphQL Armor is a dead-simple yet highly customizable security middleware for various GraphQL server engines. Contents Contents Sup
Check the strength of your password simply and quickly, and with optional UI indicators
Check the strength of your password simply and quickly, and with optional UI indicators. Lock Steel is lightweight, has no dependencies and is connected with the UI elements. Just pure CSS and VanillaJS.
The open-source security lake platform for AWS
The open-source security lake platform for AWS. Website | Docs | Community What is Matano? Matano is an open source security lake platform for AWS. It
Snippets for securing, transforming, and optimizing GraphQL APIs.
StepZen Snippets Welcome! StepZen is a unique and declarative way to build & run any-sized Graph in minutes. Explore the docs View Demo Report Bug Req
REST API complete test suite using openapi.json
Openapi Test Suite Objective This package aims to solve the following two problems: Maintenance is a big problem to solve in any test suite. As the AP
This is a demo project for the SecTester JS SDK framework, with some installation and usage examples
SecTester SDK Demo Table of contents About this project About SecTester Setup Fork and clone this repo Get a Bright API key Explore the demo applicati
CTF (Capture The Flag) is a type of information security competition that challenges contestants to find solutions or complete various tasks.
WHAT IS CTF? CTF (Capture The Flag) is a type of information security competition that challenges contestants to find solutions or complete various ta
Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download through the client-side.
nuxt-restream Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download
Fixes code dependency issues 🤼♀️
Codependence 🤼♀️ Codependence is a JavaScript utility CLI or node tool for checking specified dependencies in a project to ensure dependencies are u
From the Linux Foundation office in New York City, welcome to The Untold Stories of Open Source
From the Linux Foundation office in New York City, welcome to The Untold Stories of Open Source. Each week we explore the people who are supporting Open Source projects, how they became involved with it, and the problems they faced along the way.
basic dissembler for Kasada's virtual machine obfuscation
Kasada Dissembler A simple kasada dissembler which is capable of tracing through and executing every single opcode in kasada's bytecode and then loggi
Ready to manipulate partitions file? Create a custom partition, apply custom security system, hide the partition and share your hidden data on the www
Paranoia 💊 Ready to manipulate partitions file? Create a custom partition, apply custom security system, hide the partition and share your hidden dat
It shows how to generate and use temporary security credentials using AWS STS.
Using temporary security credentials with AWS STS When calling a REST API using IAM, as with a Lambda Function URL, temporary security credentials are worth considering for security reasons. Here
📬 A quick comparison of private and / or secure email providers
📬 Email Comparison A comparison table of private and / or secure email providers Live App The app can be accessed at: lissy93.github.io/email-compari
A novel approach for security and user experience of Graphical Password Authentication.
Graphical Password Authentication Alohomora Harry Potter themed (not really) Graphical Password Authentication Flowchart and Architecture Solution Dem
Security tool + attack database used to take quick action against newly-discovered vulnerabilities in the blockchain.
SolidGuard Version: v1.0.1 SolidGuard is a Blockchain Security tool catered towards organizations who manages decentralized applications on the Ethere
E-Commerce solution for security of databases and transactions.
commerce_new_era PURPOSE Our goal is to prevent the counterfeit products and consumer harm found on today's e-commerce sites. To do this, Blockchai
CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp.
CloudSecWiki CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp. CloudSecWiki web address:cloudsec.huoxian.cn Local Deploy
Password Generator - A fast, simple and powerful open-source utility tool for generating strong, unique and random passwords
A fast, simple and powerful open-source utility tool for generating strong, unique and random passwords. Password Generator is free to use as a secure password generator on any computer, phone, or tablet.
Hacking Prodigy, the math game.
Website • Discord • Installation • YouTube How to install See our Quickstart Guide. Info We aren't evil. We aren't evil. Everything is open source, fo
npm registry proxy with on-the-fly filtering
npm-registry-firewall 📦 📦 🔥 npm registry proxy with on-the-fly filtering Key Features Restricts access to remote packages by predicate: name org ve
Botnet project with Python, Websockets, Async and Javascript
A3 - Botnets This is a repository where I will document the entire research and development process of a botnet from scratch with python, websockets and asyn
Shifty is a tiny zero-dependency secrets generator, built for the web using TypeScript.
Shifty is a tiny zero-dependency secrets generator, built for the web using TypeScript. Installation yarn add @deepsource/shifty Usage Shifty is built
Disallow form tags without explicit method="post"
eslint-plugin-require-form-method-post Disallow form tags without explicit method="post" Prevents sensitive data appearing on URLs Allow form tags wit
A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.
ᵔᴥᵔ RedJoust A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Writte
Project Security Term 3.2 @ PIM
Security This project was generated with Angular CLI version 12.2.10. Development server Run ng serve for a dev server. Navigate to http://localhost:4
Been interested, studying, and developing blockchain security with a Zero Knowledge Proof (ZKP) and create a prototype on the current issue with Philippine's upcoming election. 📥
Implementation of Zero Knowledge Proofs in Cryptographic Voting 😎 Reference: Cryptographic Voting – A Gentle Introduction Overview 👨🏻💻 The main i
How to implement Step-up Authentication using Amazon Cognito
How to implement Step-up Authentication using Amazon Cognito This repository contains accompanying source code for the AWS Blog post, How to implement
Audio visual mitigation of Rickrolls using computer vision.
Computer Vision Rick Astley Muter This project utilizes an advanced computer vision model to mute your speakers when Rick Astley is detected on your s
Hashing library for Nest.Js
A progressive Node.js framework for building efficient and scalable server-side applications. Description Hashing library for NestJS. Installation $ n
Easy-to-use tool to inform you about potential risks in your project dependencies list
sdc-check Easy-to-use tool to inform you about potential risks in your project dependencies list Usage Add to your project Add new npm command to scri
🚀 Send a load of requests with nodejs using cluster and with/without Tor for anonymisation 🙈
Accumulator 🚀 Send a load of requests with nodejs using cluster and with/without Tor for anonymisation 🙈 ⚠️ Disclaimer, This repo has been created fo
Node.js Express + MySQL vulnerable boilerplate project
GitHub Advisory Database RSS Feeds.
github-advisory-database-rss RSS Feeds for GitHub Advisory Database. Usage Visit https://azu.github.io/github-advisory-database-rss/ Subscribe RSS Fee
🤖 An action that fetches the list of malicious domains on Discord in different providers and creates/updates a JSON file with them from time to time.
Discord Guardian Action 🤖 This action fetches the list of malicious domains on Discord in different providers and creates/updates a JSON file with t
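spartacus is a distributed system built on open-source frameworks such as Spring Boot 2.3.x, Spring Cloud Hoxton.SR5, Spring Security 2.3.x, OAuth2.0 and Python3
spartacus is a distributed system built on open-source frameworks such as Spring Boot 2.3.x, Spring Cloud Hoxton.SR5, Spring Security 2.3.x, OAuth2.0 and Python3, and is also a fully featured microservice scaffold.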
LunaSec - Open Source Security Software built by Security Engineers. Scan your dependencies for Log4Shell, or add Data Tokenization to prevent data leaks. Try our live Tokenizer demo: https://app.lunasec.dev
Our Software We're a team of Security Engineers on a mission to make awesome Open Source Application Security tooling. It all lives in this repo. Here
Demo showcasing information leaks resulting from an IndexedDB same-origin policy violation in WebKit.
Safari 15 IndexedDB Leaks Description This demo showcases information leaks resulting from an IndexedDB same-origin policy violation in WebKit (a brow
Security tool used to take quick action against newly-discovered vulnerabilities in the blockchain.
SolidGuard is a Blockchain Security tool catered towards organizations who manages decentralized applications on the Ethereum blockchain. It is an attack database for documenting all major hacks that happened in the blockchain, and is also used to notify or pause decentralized applications affected by the attacks published in the database.
Detect npm packages by author name in your package-lock.json or yarn.lock.
detect-package-by-author Detect npm packages by author name in your package-lock.json or yarn.lock. Install Install with npm: # Not Yet Publish # npm
Cloud security platform web with steampipe
cloud-security-platform-web-with-steampipe Home Tech Stacks Node.js + MongoDB + Steampipe Usage If you use ec2, no need credentials, config files. $ cd
Secure-electron-template - The best way to build Electron apps with security in mind.
secure-electron-template A current electron app template with the most popular frameworks, designed and built with security in mind. (If you are curio
Base62-token.js - Generate & Verify GitHub-style & npm-style Base62 Tokens
base62-token.js Generate & Verify GitHub-style & npm-style Secure Base62 Tokens Works in Vanilla JS (Browsers), Node.js, and Webpack. Online Demo See
Browser extension for generating HOTP passcodes for Duo Security Multi-Factor Authentication
duo-extension Browser extension for generating HOTP passcodes for Duo Security multi-factor authentication. Compatible with Firefox and Chromium-based
A simple Multi Guild Modmail Bot coded in v13 using the enmap Database Working on any host, like repl.it or vps! Its fast and working bug free + Security options!
Multiguild-Modmail A simple Multi Guild Modmail Bot coded in v13 using the enmap Database Working on any host, like repl.it or vps! Its fast and worki
Next-gen mobile first analytics server (think Mixpanel, Google Analytics) with built-in encryption supporting HTTP2 and gRPC. Node.js, headless, API-only, horizontally scaleable.
Introduction to Awacs Next-gen behavior analysis server (think Mixpanel, Google Analytics) with built-in encryption supporting HTTP2 and gRPC. Node.js
A web client port-scanner written in GO, that supports the WASM/WASI interface for Browser WebAssembly runtime execution.
WebAssembly Port Scanner Written in Go with target WASM/WASI. The WASM main function scans all the open ports in the specified range (see main.go), vi
Keep your sensitive information out of chat logs, emails, and more with heavily encrypted secrets.
Free encrypted secret sharing for everyone! This application is to be used to share encrypted secrets cross organizations, or as private persons. Hemm
NPM Package that simplifies Auth with Google OAuth2 🔐
Node Google OAuth2 🔐 A simple authentication flow for Google OAuth2 Explore the docs » Report Bug Table of Contents About The Project Getting Started
A tool to check for response status codes with ease
About Archer Archer is a cross-platform tool developed using Nodejs which focuses on the reconnaissance phase of a penetration test. Got a bunch of l
Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
Gulp.js command execution for humans
Gulp.js command execution for humans. As opposed to similar plugins or to child_process.exec(), this uses Execa which provides: Better Windows support
Open source rich text editor based on HTML5 and the progressive-enhancement approach. Uses a sophisticated security concept and aims to generate fully valid HTML5 markup by preventing unmaintainable tag soups and inline styles.
This project isn’t maintained anymore Please check out this fork. wysihtml5 0.3.0 wysihtml5 is an open source rich text editor based on HTML5 technolo
🔒 Secure localStorage data with high level of encryption and data compression
secure-ls Secure localStorage data with high level of encryption and data compression. LIVE DEMO Features Secure data with various types of encryption
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
DOMPurify DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's also very simple to use and get started with
📗 How to write cross-platform Node.js code
How to write cross-platform Node.js code. Why you should care: according to the 2018 Node.js user survey, 24% of Node.js developers use Windows locall
Elegant and all-inclusive Node.Js web framework based on TypeScript. 🚀
https://foalts.org What is Foal? Foal (or FoalTS) is a Node.JS framework for creating web applications. It provides a set of ready-to-use components s