JavaScript Security

Open-source JavaScript projects categorized as Security
Edit details
Topics: NodeJS security-tools JavaScript Privacy HacktoberFest
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

Top 23 JavaScript Security Projects

  • nginxconfig.io

    ⚙️ NGINX config generator on steroids 💉

  • openzeppelin-contracts

    OpenZeppelin Contracts is a library for secure smart contract development.

    • Project mention: Mode - Comprehensive Starter Guide | dev.to | 2024-04-25

    // SPDX-License-Identifier: GPL-3.0 pragma solidity ^0.8.20; import "https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v5.0.0/contracts/token/ERC20/ERC20.sol"; interface Sfs {     function register(address _recipient) external returns (uint256 tokenId); } contract ModeToken is ERC20 {     address feeReceiver = msg.sender;     constructor() ERC20("ModeTokenSFSTest", "SFST2") { //Example amount to mint our ERC20         _mint(msg.sender, 1000 10 * 18);   // This is the SFS contract address on testnet Sfs sfsContract = Sfs(0xBBd707815a7F7eb6897C7686274AFabd7B579Ff6); //Registers this contract and assigns the NFT //to the deployer of this contract sfsContract.register(msg.sender);     } }

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

    SurveyJS logo

  • DOMPurify

    DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

    • Project mention: JavaScript Libraries for Implementing Trendy Technologies in Web Apps in 2024 | dev.to | 2024-04-09

    DOMPurify

  • KeeWeb

    Free cross-platform password manager compatible with KeePass

    • Project mention: Bitwarden: Free, open-source password manager | news.ycombinator.com | 2023-09-25

  • BeEF

    The Browser Exploitation Framework Project

    • Project mention: The Browser Exploitation Framework Project | news.ycombinator.com | 2024-05-14

  • awesome-ctf

    A curated list of CTF frameworks, libraries, resources and softwares

  • user.js

    Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening

    • Project mention: Firefox to collect anonymized and categorized search data | news.ycombinator.com | 2024-05-14

    Stuff like this makes me wonder why I still cling to Firefox instead of switching to one of the privacy-focused Chromium forks.

    I've been using Arkenfox to turn off all the telemetry/etc but it increasingly feels like a game of whackamole.

    https://github.com/arkenfox/user.js

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • howtheysre

    A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

    • Project mention: 5 GitHub Projects to Help You Become a Better DevOps Engineer ⚡ | dev.to | 2023-06-23

    1. How they SRE

  • nuclei-templates

    Community curated list of templates for the nuclei engine to find security vulnerabilities.

    • Project mention: Script kiddie tools preferred by the hackers of this channel? | /r/hacking | 2023-07-08

    Check https://github.com/projectdiscovery/nuclei mostly for CVEs.

  • arkime

    Arkime is an open source, large scale, full packet capturing, indexing, and database system.

  • cloudmapper

    CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

  • ClearURLs-Addon

    ClearURLs is an add-on based on the new WebExtensions technology and will automatically remove tracking elements from URLs to help protect your privacy.

    • Project mention: Implement URL cleaner | /r/signal | 2023-06-10

    Ever heard of the ClearURLs Browser-Addon. It's also available for Firefox for Android.

  • vm2

    Advanced vm/sandbox for Node.js

    • Project mention: Vm2 discontinued due to unfixable security issues | news.ycombinator.com | 2023-07-12

  • shhgit

    Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

  • sanitize-html

    Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance

    • Project mention: What tools do you use to generate css/xpath selectors? | /r/webscraping | 2023-07-19

    Sometimes I use sanitize-html to clean up the html and ask chatgpt to help me refine my selectors.

  • Betterfox

    Firefox user.js for speed, privacy, and security. Your favorite browser, but better.

    • Project mention: Mozilla Firefox or Chrome which is best for MOBILE PHONE.? | /r/browsers | 2023-12-11

    You can apply Betterfox using USB debugging, but it takes time to set it up: https://github.com/yokoffing/Betterfox/issues/240

  • Retire.js

    scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

    • Project mention: Understanding security in React Native applications | dev.to | 2024-04-03

    Retire.js

  • cloudsploit

    Cloud Security Posture Management (CSPM)

  • StegCloak

    Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

    • Project mention: It's the Job of My Dreams, but I'd Have to Write a Cover Letter, So Nevermind | news.ycombinator.com | 2023-11-08

  • express-gateway

    A microservices API Gateway built on top of Express.js

    • Project mention: 5 Ways to Improve Your API Reliability | dev.to | 2023-07-25

    Express Gateway: A microservices API Gateway built on Express.js. It's entirely extensible and framework agnostic, delivering robust, scalable solutions in no time.

  • rate-limiter-flexible

    Atomic counters and rate limiting tools. Limit resource access at any scale.

  • Cosmos-Server

    ☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication, anti-DDOS, anti-bot)

    • Project mention: The Hater's Guide to Kubernetes | news.ycombinator.com | 2024-03-03

    That's basically just a docker-compose.

    If you want something crazy all-in-one for homelab check out https://github.com/azukaar/Cosmos-Server

  • user.js

    user.js -- Firefox configuration hardening (by pyllyukko)

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

JavaScript Security related posts

  • Firefox to collect anonymized and categorized search data

    1 project | news.ycombinator.com | 14 May 2024

  • The Browser Exploitation Framework Project

    1 project | news.ycombinator.com | 14 May 2024

  • Passkey Implementation: Misconceptions, pitfalls and unknown unknowns

    8 projects | news.ycombinator.com | 2 May 2024

  • New startup sells coffee through SSH and exclusively through SSH

    3 projects | news.ycombinator.com | 1 May 2024

  • Access Google Cloud Secret Manager via Google Apps Script

    2 projects | dev.to | 1 May 2024

  • Mode - Comprehensive Starter Guide

    1 project | dev.to | 25 Apr 2024

  • SQL Injection Isn't Dead Yet

    2 projects | dev.to | 15 Apr 2024
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 20 May 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

What are some of the best open-source Security projects in JavaScript? This list will help you:

Project Stars
1 nginxconfig.io 27,234
2 openzeppelin-contracts 24,208
3 DOMPurify 12,950
4 KeeWeb 12,091
5 BeEF 9,415
6 awesome-ctf 9,248
7 user.js 9,201
8 howtheysre 8,939
9 nuclei-templates 8,143
10 arkime 6,136
11 cloudmapper 5,854
12 ClearURLs-Addon 3,935
13 vm2 3,833
14 shhgit 3,793
15 sanitize-html 3,632
16 Betterfox 3,679
17 Retire.js 3,536
18 cloudsploit 3,206
19 StegCloak 3,183
20 express-gateway 2,945
21 rate-limiter-flexible 2,912
22 Cosmos-Server 2,796
23 user.js 2,724

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com