TypeScript Security

Open-source TypeScript projects categorized as Security

Top 23 TypeScript Security Projects

  • javascript-obfuscator

    A powerful obfuscator for JavaScript and Node.js

    Project mention: death | reddit.com/r/nullifysupport | 2022-11-27

    till you notice that obfuscator.io can easily be deobfuscated

  • helmet

    Help secure Express apps with various HTTP headers

    Project mention: Improving Security of Nuxt 3 | dev.to | 2022-10-10

    The nuxt-security module is currently based on two main aspects; OWASP Top 10 for Node.js and Helmet.js.

  • Scout APM

    Truly a developer’s best friend. Scout APM is great for developers who want to find and fix performance issues in their applications. With Scout, we'll take care of the bugs so you can focus on building great things 🚀.

  • juice-shop

    OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

    Project mention: General question on Docker | reddit.com/r/docker | 2022-12-06

    Right here. https://github.com/juice-shop/juice-shop/blob/master/Dockerfile

  • Tutanota makes encryption easy

    Tutanota is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar entries on all your devices.

    Project mention: Proton Drive iOS and Android Apps Now Available for Encrypted Cloud Storage | reddit.com/r/apple | 2022-12-08
  • cli

    Snyk CLI scans and monitors your projects for security vulnerabilities. (by snyk)

    Project mention: pen-testing NPM vulnerabilities | reddit.com/r/Pentesting | 2022-11-30

    If you have access to their web application project repository, you can check package vulnerabilities using Snyk (not-affiliated).

  • tamperchrome

    Tamper Dev is an extension that allows you to intercept and edit HTTP/HTTPS requests and responses as they happen without the need of a proxy. Works across all operating systems (including Chrome OS).

  • buttercup-desktop

    :key: Cross-Platform Passwords & Secrets Vault

    Project mention: Password manager recommendations? | reddit.com/r/software | 2022-11-18
  • Sonar

    Write Clean JavaScript Code. Always.. Sonar helps you commit clean code every time. With over 300 unique rules to find JavaScript bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.

  • accesscontrol

    Role and Attribute based Access Control for Node.js

    Project mention: Java Script-AdonisJs Funções(roles) ACL-RBAC Backend API | dev.to | 2022-08-27

    2- https://www.npmjs.com/package/accesscontrol https://github.com/onury/accesscontrol

  • foal

    Full-featured Node.js framework, with no complexity. 🚀 Simple and easy to use, TypeScript-based and well-documented.

    Project mention: FoalTS 3.0 released – TypeScript app framework | news.ycombinator.com | 2022-11-02
  • lunasec

    LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

    Project mention: Malicious Python Packages Replace Crypto Addresses in Developer Clipboards | reddit.com/r/netsec | 2022-11-07

    If anybody is curious to replicate this type of analysis, we should connect because I've been working a project to build an engine for this type of analysis for about a year now. GitHub Repo

  • metlo

    Metlo is an open-source API security platform.

    Project mention: Launch HN: Metlo (YC S21) – Open-source software for securing your APIs | news.ycombinator.com | 2022-11-09

    Our website is at https://metlo.com, repo is at https://github.com/metlo-labs/metlo. There’s a demo video here: https://www.loom.com/share/2c38c731cf044288995e5ee2566528a7. Check out our sandbox at https://demo.metlo.com (no email required). You can get started with our hosted service (in Beta) for free at https://app.metlo.com/signup (there’s an always free tier, and paid tier is not enforced yet) , or you can self-host by following the instructions at https://docs.metlo.com/docs/deploy-to-aws.

  • exifcleaner

    Cross-platform desktop GUI app to clean image metadata

    Project mention: If I take a screenshot of a pic from my google photos and share it online can someone find out my identity? | reddit.com/r/privacy | 2022-09-10
  • homebridge-unifi-protect

    :video_camera: Complete HomeKit integration for UniFi Protect with full support for most features including autoconfiguration, motion detection, and multiple controllers: https://homebridge.io

    Project mention: Will ubiquity ever add native HomeKit support to protect? | reddit.com/r/Ubiquiti | 2022-09-14

    How does scrypted compare to https://github.com/hjdhjd/homebridge-unifi-protect ? This works pretty well but does have some delays loading cams at times.

  • mitaka

    A browser extension for OSINT search

  • angular-auth-oidc-client

    npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow

    Project mention: Integrating other Angular apps into existing Angular app. | reddit.com/r/Angular2 | 2022-04-21
  • CloudGraph cli

    The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent. (by cloudgraphdev)

    Project mention: Using cloudgragh in projects | dev.to | 2022-11-22
  • DevSkim

    DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities.

    Project mention: DevSkim | reddit.com/r/devopspro | 2022-03-08
  • alarmo

    Easy to use alarm system integration for Home Assistant

    Project mention: Recommendations for a Home Alarm system? | reddit.com/r/homelab | 2022-12-02
  • external-protocol-flooding

    Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

    Project mention: When I use Tor browser to play roblox nothing happen. I press green button to start, but as I said, nothing happens. What can I do? | reddit.com/r/TOR | 2022-07-11

    Because someone figured out that being able to open programs from a browser can be used to track people, and so it was disabled in Tor Browser

  • creepjs

    Creepy device and browser fingerprinting

    Project mention: Why is Brave better than Firefox? | reddit.com/r/brave_browser | 2022-10-11

    For more details about the other values, see the GitHub page. Especially this section regarding the various formulas for the values you see.

  • auth

    GitHub Action for authenticating to Google Cloud with GitHub Actions OIDC tokens and Workload Identity Federation. (by google-github-actions)

    Project mention: Advanced GitHub Actions - Conditional Workflow | dev.to | 2022-02-13

    I use google-github-actions/auth in the first step in my job to authenticate to GCP. At this point, I have 6 different GitHub secrets to test out the concept. Each branch has two secrets with the format BRANCH_WIP and BRANCH_SA.

  • react-native-encrypted-storage

    React Native wrapper around EncryptedSharedPreferences and Keychain to provide a secure alternative to Async Storage.

    Project mention: Alternative to async storage for react-native | reddit.com/r/reactnative | 2022-12-05

    You can use Expo SecureStore Or React Native Encrypted Storage.

  • Ptorx

    📩🛡 Email privacy. Anonymously send and receive with alias forwarding.

    Project mention: Ptorx: Send and receive mail without using your real email address | news.ycombinator.com | 2022-10-22
  • InfluxDB

    Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Data Platform where developers build real-time applications for analytics, IoT and cloud-native services in less time with less code.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-12-08.

TypeScript Security related posts


What are some of the best open-source Security projects in TypeScript? This list will help you:

Project Stars
1 javascript-obfuscator 10,096
2 helmet 9,286
3 juice-shop 7,462
4 Tutanota makes encryption easy 4,990
5 cli 4,237
6 tamperchrome 4,050
7 buttercup-desktop 3,939
8 accesscontrol 1,882
9 foal 1,691
10 lunasec 1,207
11 metlo 1,076
12 exifcleaner 1,043
13 homebridge-unifi-protect 951
14 mitaka 939
15 angular-auth-oidc-client 907
16 CloudGraph cli 803
17 DevSkim 759
18 alarmo 652
19 external-protocol-flooding 622
20 creepjs 530
21 auth 481
22 react-native-encrypted-storage 430
23 Ptorx 309
Close all those tabs. Zigi will handle your updates.
Zigi monitors Jira and GitHub updates, pings you when PRs need approval and lets you take fast actions - all directly from Slack! Plus it reduces cycle time by up to 75%.