JavaScript Security

Open-source JavaScript projects categorized as Security

Top 23 JavaScript Security Projects

  1. nginxconfig.io

    ⚙️ NGINX config generator on steroids 💉

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  3. bettercap

    The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

  4. DOMPurify

    DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

    Project mention: Your rich text could be a cross-site scripting vulnerability | dev.to | 2024-12-16

    Let's take a look at how we implement sanitization in the secure version of our vulnerable application. Since this application is primarily written using JavaScript, we use the dompurify library for the client side and the isomorphic-dompurify library for server-side sanitization. In the app.js program that acts as our web server, you will find an express endpoint /sanitized with a GET and POST implementation:

  5. user.js

    Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening

    Project mention: Double-Keyed Caching: How Browser Cache Partitioning Changed the Web | news.ycombinator.com | 2025-01-10
  6. awesome-ctf

    A curated list of CTF frameworks, libraries, resources and softwares

    Project mention: A curated list of Capture The Flag (CTF) frameworks, libraries and resources | news.ycombinator.com | 2024-08-26
  7. BeEF

    The Browser Exploitation Framework Project

    Project mention: Instalar BeEF en Kali Linux 2024 | dev.to | 2024-10-05
  8. nuclei-templates

    Community curated list of templates for the nuclei engine to find security vulnerabilities.

  9. howtheysre

    A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

  10. Betterfox

    Firefox user.js for speed, privacy, and security. Your favorite browser, but better.

    Project mention: Firefox update added more sponsored content on new-tab page | news.ycombinator.com | 2024-09-09

    https://github.com/yokoffing/BetterFox

    I set this up once, sometimes do a git pull, and honestly, I can't see "annoyances" others always complain about. Maybe I look at the wrong places / learned to ignore them. Or maybe it's BetterFox removing them. Worth a try

  11. arkime

    Arkime is an open source, large scale, full packet capturing, indexing, and database system.

  12. cloudmapper

    CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

  13. ClearURLs-Addon

    ClearURLs is an add-on based on the new WebExtensions technology and will automatically remove tracking elements from URLs to help protect your privacy.

  14. Cosmos-Server

    ☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication, anti-DDOS, anti-bot)

    Project mention: coolify VS Cosmos-Server - a user suggested alternative | libhunt.com/r/coolify | 2024-09-26

    both docker and server managers

  15. sanitize-html

    Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance

    Project mention: Show HN: Markdown HN profiles at {user}.at.hn | news.ycombinator.com | 2024-06-10

    Since marked doesn't do it for you, make sure you sanitize the user input (the text on the user profiles) before rendering it to visitors.

    Some libraries for doing that with good defaults:

    - https://github.com/cure53/DOMPurify

    - https://github.com/apostrophecms/sanitize-html

    - https://github.com/bevacqua/insane

    (right now your site looks vulnerable to XSS)

  16. shhgit

    Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

  17. Retire.js

    scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

    Project mention: Understanding security in React Native applications | dev.to | 2024-04-03

    Retire.js

  18. twofactorauth

    List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software.

  19. cloudsploit

    Cloud Security Posture Management (CSPM)

  20. StegCloak

    Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

  21. reverse-shell-generator

    Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

  22. rate-limiter-flexible

    Atomic counters and rate limiting tools. Limit resource access at any scale.

  23. express-gateway

    A microservices API Gateway built on top of Express.js

  24. user.js

    user.js -- Firefox configuration hardening (by pyllyukko)

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

JavaScript Security discussion

Log in or Post with

JavaScript Security related posts

  • Double-Keyed Caching: How Browser Cache Partitioning Changed the Web

    1 project | news.ycombinator.com | 10 Jan 2025
  • Your rich text could be a cross-site scripting vulnerability

    3 projects | dev.to | 16 Dec 2024
  • Understanding Cross-Site Scripting (XSS): A Quick Reference

    1 project | dev.to | 28 Oct 2024
  • Canvas Fingerprinting – BrowserLeaks

    3 projects | news.ycombinator.com | 26 Oct 2024
  • How to Encrypt JavaScript Code for Web Security

    3 projects | dev.to | 25 Oct 2024
  • First Contribution

    2 projects | dev.to | 5 Oct 2024
  • OpenZeppelin Contracts: Secure Smart Contract Development Made Easy

    1 project | news.ycombinator.com | 29 Sep 2024
  • A note from our sponsor - SaaSHub
    www.saashub.com | 19 Jan 2025
    SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source Security projects in JavaScript? This list will help you:

# Project Stars
1 nginxconfig.io 27,914
2 bettercap 17,041
3 DOMPurify 14,420
4 user.js 10,504
5 awesome-ctf 9,988
6 BeEF 9,987
7 nuclei-templates 9,572
8 howtheysre 9,199
9 Betterfox 6,767
10 arkime 6,459
11 cloudmapper 6,038
12 ClearURLs-Addon 4,121
13 Cosmos-Server 3,981
14 sanitize-html 3,886
15 shhgit 3,844
16 Retire.js 3,738
17 twofactorauth 3,400
18 cloudsploit 3,398
19 StegCloak 3,350
20 reverse-shell-generator 3,150
21 rate-limiter-flexible 3,120
22 express-gateway 2,982
23 user.js 2,773

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com