A powerful obfuscator for JavaScript and Node.js

Advanced vm/sandbox for Node.js

Rate limiting tools. Limit resource access at any scale.

Awesome Node.js Security resources

nodejsscan is a static security code scanner for Node.js applications.

Role and Attribute based Access Control for Node.js

ESLint rules for Node Security

Full-featured Node.js framework, with no complexity. 🚀 Simple and easy to use, TypeScript-based and well-documented.

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

node security platform command-line tool

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

📗 How to write cross-platform Node.js code

:peace_symbol: :palestinian_territories: Shinobi CE - The Free Open Source CCTV platform written in Node.JS (Camera Recorder - Security Surveillance Software - Restreamer

One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers.

A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks

ADAMANT Blockchain Node

:key: The easiest way to control what npm modules can access

:heavy_check_mark: More than 100 security checks for your Node.js API

Node.js Ecosystem Security Working Group

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework,