awesome-nodejs-security
opencti
Our great sponsors
awesome-nodejs-security | opencti | |
---|---|---|
3 | 9 | |
2,565 | 4,617 | |
- | 5.5% | |
6.5 | 10.0 | |
about 1 month ago | 6 days ago | |
JavaScript | TypeScript | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-nodejs-security
-
Using insecure npm package manager defaults to steal your macOS keyboard shortcuts
Many other JavaScript and Node.js security incidents are curated on the Awesome Node.js Security repository.
-
What is secure code?
For the PERN stack you can check out the vulnerabilities and their solutions here, you may also like the Secure Code Warrior Free Node.js express training. Also check out the Awesome Node.js Security list.
-
JavaScript Security 101
Here are a few highlights from some great Static code analysis (SAST) tools listed in Awesome Node.js security & Guidesmiths Cybersecurity handbook.
opencti
- GitHub - OpenCTI-Platform/opencti: Open Cyber Threat Intelligence Platform
-
Creating a cyber threat intelligence tool
It sounds like you want to jump into game development before learning how to write "Hello, world!". Try using any of the open source tools that already do this and sign up for some "free" threat intel tools and learn the lay of the land. https://www.misp-project.org/ https://github.com/OpenCTI-Platform/opencti https://iplists.firehol.org/ https://www.greynoise.io/
-
Threat analysis visualization?
An image - OpenCTI IOC Visualisation The system - OpenCTI Github
-
Cyber Threat Intelligence
Best thing you can do to start your CTI journey is building an OpenCTI server for yourself. After adding some connectors to your openCTI (AlienVault, malpedia, mitre...), you'll have a strong base to practice and learn CTI.
- OpenCTI - Open platform for cyber threat intelligence
-
Threat Intelligence platform recommendations
If you haven’t yet, check out OpenCTI https://github.com/OpenCTI-Platform/opencti
- OpenCTI-Platform/opencti - Open Cyber Threat Intelligence Platform
- OpenCTI Version 4.5.4 released
- OpenCTI: Release Version 4.5.0 - more filters are available in the TAXII collection API
What are some alternatives?
Shuffle - Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
pwndoc - Pentest Report Generator
deepdarkCTI - Collection of Cyber Threat Intelligence sources from the deep and dark web
lockfile-lint - Lint an npm or yarn lockfile to analyze and detect security issues
firewalla - http://firewalla.com
tbv - Package verification for npm
is-website-vulnerable - finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
CaptfEncoder - Captfencoder is opensource a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.
nodejs-salting - There is a method in the crypto module called scrypt that we are going to use in the example.
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.