Discover lirantal/awesome-contract-testing Open Source project

The largest Node.js CLI Apps best practices list ✨

3,695

nodejs-cli-apps-best-practices

3,239

awesome-nodejs-security

Awesome Node.js Security resources

2,583

is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

🎖safely* install packages with npm or yarn by auditing them as part of your install process

1,910

npq

Lint an npm or yarn lockfile to analyze and detect security issues

836

lockfile-lint

daloRADIUS is an advanced RADIUS web management application aimed at managing hotspots and general-purpose ISP deployments. It features user management, graphical reporting, accounting, a billing engine and integrates with GoogleMaps for geo-locating.

770

daloradius

PHP

586

awesome-opensource-israel

A curated list of Israeli-made projects, events, and individuals

346

cypress-social-logins

Cypress authentication flows using social network providers

A Node.js express middleware that implements API versioning for route controllers

232

express-version-route

Documentation for Essential Node.js Security

essential-nodejs-security-book

ESLint plugin to detect and stop Trojan Source attacks

eslint-plugin-anti-trojan-source

A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets

detect-secrets

Detect trojan source attacks that employ unicode bidi attacks to inject malicious code

anti-trojan-source

Node.js CLI tool to visualize an aggregate list of your dependencies' licenses

licenseye

Scaffold a batteries-included Node.js library project with docs, tests, semantic releases and more

create-node-lib

Visualize your project security vulnerabilities as a pie chart in the terminal

pie-my-vulns

Menu Navigation extension for CodeIgniter PHP framework

codeigniter-menu

PHP

women-of-open-source-israel

WOSI - Women of Open Source Israel 🇮🇱

learning-http-security-headers-book

Hands-on practical use of HTTP security headers as browser security controls to help secure web applications

express-security-txt

A Node.js middleware for Express that implements Security.txt - A Method for Web Security Policies

Collection of enterprise application patterns

enterprise-applications-patterns

twiks

Twitter awesomeness browser extension

Node.js library to convert unix or linux CRON syntax to Quartz Scheduler

cron-to-quartz

Riess.js is a de-coupled full stack JavaScript application framework

Riess.js

A friendlier Typeform Node.js API client

typeform-client

Do you want to start a meetup group but you don't know exactly where to start? You're in the right place!

organising-awesome-meetups

agilemanager-api

HPE's Agile Manager client API module for NodeJS

Travis CLI in a docker container (encrypt, lint, env, monitor)

docker-travis-cli

A template repository that is ready to author and publish books written in AsciiDoc format

asciidoc-book-starter

versions an incoming request to Express based on header or URL

express-version-request

Pipe any mail envelope input and output forward as SMTP client

smtp-pipe

NodePulse is a live Node.js dashboard

nodepulse

Inject JS to the DOM to find vulnerable JavaScript libraries

js-vulns-detector

GitHub Actions Best Practices for Node.js applications

github-actions-best-practices-for-node.js

docker-images-security-workshop

Docker Image Security Workshop for Best Practices

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

cwe-sdk

Liran Tal's portfolio of public speaking engagements

public-speaking

nodejs-docker-image-best-practices

Best practices for building and maintaining Node.js docker images

cross-platform execution of command line programs in shells

Manager-README

Liran Tal Manager README

opn-shell

Demo for practicing Dependency Confusion supply chain attacks

dependency-confusion-demo

A Node.js API service that fetches files and checks for virus or malware

vault

Liran Tal's repository for public speaking

public-speaking-archive

Liquid

slides-react-security-lightning-talk-2022

Slides for talk: How React Applications Get Hacked in the Real World

HTML

typeform-export-excel

Export a Typeform survey questionnaire to an Excel format

Mr Audit is a Gulp plugin to audit JavaScript code for security related static code analysis

gulp-mraudit

A docker image for Yelp's docker-secrets python application

docker-detect-secrets

Exercise resources about HTTP security headers in Node.js and Express applications

nodejssecurity-headers-hsts

A CLI for Snyk's SnykCon 2020 DevSecOps and Developer-first security conference

snykcon

RADIUS monitoring and statistics reporting for FreeRADIUS-based deployments (it's a pingdom for RADUIS servers)

radiusense

React Suspended is an educational frontend application riddled with security vulnerabilities

react-suspended-vulnerable-application

CSS

slides-react-security-2022

Slides for talk: How React Applications Get Hacked in the Real World

Exercise resources about browser security controls

nodejssecurity-mixed-content

Pact Workshop - Consumer in Node.js

pact-workshop-consumer-nodejs

Report a security vulnerability

security-report

Proactive NPM Controls for Supply Chain Security

Proactive-Controls-for-JavaScript-Supply-Chain-Security

operations-orchestration-api

HPE's Operations Orchestration client API module for NodeJS

Dependency Frost is an educational platform game to promote awareness of security in open source dependencies

Dependency-Frost

A starter template for Public Speaking templates 🎤 💫

public-speaking-jekyll

Ruby

lockfile-prune

Lockfiles have needs too and this package takes care of them

Exercise resources about HTTP security headers in Node.js and Express applications

nodejssecurity-headers-xframe-innocent

This repository will contain benchmark comparison between Snyk and npm audit, based on personal observation, as objective as possible

snyk-vs-npm-audit

pp-minimist-poc

Prototype Pollution in minimist

Node.js library providing high-level wrapper for convenient AWS S3 capabilities

aws-s3-utils

Liran Tal's lirantal.com website v2

lirantaldotcom

Astro

bazz

🚀📩 effortless remote push notifications for the CLI

Oreilly's Serverless security example application - serverless-goof todo app

serverless-goof-azure

SAY NO TO SECRETS IN ENVIRONMENT VARIABLES

no-secrets-env-vars-website

ESLint collection of curated security rules for static code analysis linter

eslint-plugin-security

Linter for a Swagger JSON API spec

swagger-lint-api

render images on the terminal (forked from substack/picture-tube)

picture-tuber

Recurses a given node_modules directory to fetch all npm package licenses

licensewatch

bazz-serverless-firebase

presentation-terminal-great-again

CLI to manage GitHub repositories in bulk

githubs

A Fastify example codebase for using dotenv with env-schema wrapper

fastify-dotenv-envschema-example

CLI to detect terminal support for properties like color, unicode and others

terminal-detect

smtp-watch will create an smtp server for incoming mail connections, and display these e-mails on a web page

smtp-watch

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

cwe-tool

A Node.js Fastify microservice that uses SuperTokens for authentication

fastify-supertokens-example

A web app that shows and compares technology stacks and trends around the world

techies

A Snyk-based goof application to demonstrate breaking into containers

goof-container-breaking-in

A QT-based PPTP dialer for Linux users of the 012 Israel ISP

012cable

Makefile

operations-orchestration-backup

NodeJS Backup Tool (Import/Export) for HPE's Operations Orchestration

Easily install all packages required to create an Atom Bundle for a Language or Platform

atombundles

The source-code for the speak|easy website which promotes inspirational and information public speaking tips

speak-easy

daloRADIUS official website

daloradius-web

CSS

bazz-frontend

PHP SDK for the Facebook API

php-sdk

PHP

snyk-or-snick

Race your friend to the Snyk palace

slides-supply-chain-security

Spin-off an isolated Node.js environment using Docker containers

create-node-sandbox

An up to date list of ecosystem, their package managers and traits of theirs with regards to software security

lirantal

ecosystem-lockfiles

pkg-probe

Crawling meetup.com to retrieve data

techies-meetup-crawler

berry-plugin-hello-world

An HTTP API to access CWE information based on the CWE Toolkit OWASP project

cwe-toolkit-api

A GitHub Action that updates the PR title with information about the base branch it wants to merge to

100

github-action-pr-title-update-branch