A powerful obfuscator for JavaScript and Node.js

Advanced vm/sandbox for Node.js

Atomic counters and rate limiting tools. Limit resource access at any scale.

Awesome Node.js Security resources

nodejsscan is a static security code scanner for Node.js applications.

ESLint rules for Node Security

Role and Attribute based Access Control for Node.js

Full-featured Node.js framework, with no complexity. 🚀 Simple and easy to use, TypeScript-based and well-documented.

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

node security platform command-line tool

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

📗 How to write cross-platform Node.js code

:peace_symbol: :palestinian_territories: Shinobi CE - The Free Open Source CCTV platform written in Node.JS (Camera Recorder - Security Surveillance Software - Restreamer

One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.

ADAMANT Blockchain Node

A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework,

:heavy_check_mark: More than 100 security checks for your Node.js API

:key: The easiest way to control what npm modules can access

Node.js Ecosystem Security Working Group