Zigi monitors Jira and GitHub updates, pings you when PRs need approval and lets you take fast actions - all directly from Slack! Plus it reduces cycle time by up to 75%. Learn more →
Top 23 TypeScript Security Projects
till you notice that obfuscator.io can easily be deobfuscated
Help secure Express apps with various HTTP headersProject mention: Improving Security of Nuxt 3 | dev.to | 2022-10-10
The nuxt-security module is currently based on two main aspects; OWASP Top 10 for Node.js and Helmet.js.
Truly a developer’s best friend. Scout APM is great for developers who want to find and fix performance issues in their applications. With Scout, we'll take care of the bugs so you can focus on building great things 🚀.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web applicationProject mention: General question on Docker | reddit.com/r/docker | 2022-12-06
Right here. https://github.com/juice-shop/juice-shop/blob/master/Dockerfile
Tutanota is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar entries on all your devices.Project mention: Proton Drive iOS and Android Apps Now Available for Encrypted Cloud Storage | reddit.com/r/apple | 2022-12-08
Snyk CLI scans and monitors your projects for security vulnerabilities. (by snyk)Project mention: pen-testing NPM vulnerabilities | reddit.com/r/Pentesting | 2022-11-30
If you have access to their web application project repository, you can check package vulnerabilities using Snyk (not-affiliated).
Tamper Dev is an extension that allows you to intercept and edit HTTP/HTTPS requests and responses as they happen without the need of a proxy. Works across all operating systems (including Chrome OS).
:key: Cross-Platform Passwords & Secrets VaultProject mention: Password manager recommendations? | reddit.com/r/software | 2022-11-18
Role and Attribute based Access Control for Node.jsProject mention: Java Script-AdonisJs Funções(roles) ACL-RBAC Backend API | dev.to | 2022-08-27
2- https://www.npmjs.com/package/accesscontrol https://github.com/onury/accesscontrol
Full-featured Node.js framework, with no complexity. 🚀 Simple and easy to use, TypeScript-based and well-documented.Project mention: FoalTS 3.0 released – TypeScript app framework | news.ycombinator.com | 2022-11-02
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/Project mention: Malicious Python Packages Replace Crypto Addresses in Developer Clipboards | reddit.com/r/netsec | 2022-11-07
If anybody is curious to replicate this type of analysis, we should connect because I've been working a project to build an engine for this type of analysis for about a year now. GitHub Repo
Metlo is an open-source API security platform.Project mention: Launch HN: Metlo (YC S21) – Open-source software for securing your APIs | news.ycombinator.com | 2022-11-09
Our website is at https://metlo.com, repo is at https://github.com/metlo-labs/metlo. There’s a demo video here: https://www.loom.com/share/2c38c731cf044288995e5ee2566528a7. Check out our sandbox at https://demo.metlo.com (no email required). You can get started with our hosted service (in Beta) for free at https://app.metlo.com/signup (there’s an always free tier, and paid tier is not enforced yet) , or you can self-host by following the instructions at https://docs.metlo.com/docs/deploy-to-aws.
Cross-platform desktop GUI app to clean image metadataProject mention: If I take a screenshot of a pic from my google photos and share it online can someone find out my identity? | reddit.com/r/privacy | 2022-09-10
:video_camera: Complete HomeKit integration for UniFi Protect with full support for most features including autoconfiguration, motion detection, and multiple controllers: https://homebridge.ioProject mention: Will ubiquity ever add native HomeKit support to protect? | reddit.com/r/Ubiquiti | 2022-09-14
How does scrypted compare to https://github.com/hjdhjd/homebridge-unifi-protect ? This works pretty well but does have some delays loading cams at times.
A browser extension for OSINT search
npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit FlowProject mention: Integrating other Angular apps into existing Angular app. | reddit.com/r/Angular2 | 2022-04-21
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent. (by cloudgraphdev)Project mention: Using cloudgragh in projects | dev.to | 2022-11-22
DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities.Project mention: DevSkim | reddit.com/r/devopspro | 2022-03-08
Easy to use alarm system integration for Home AssistantProject mention: Recommendations for a Home Alarm system? | reddit.com/r/homelab | 2022-12-02
Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsingProject mention: When I use Tor browser to play roblox nothing happen. I press green button to start, but as I said, nothing happens. What can I do? | reddit.com/r/TOR | 2022-07-11
Because someone figured out that being able to open programs from a browser can be used to track people, and so it was disabled in Tor Browser
Creepy device and browser fingerprintingProject mention: Why is Brave better than Firefox? | reddit.com/r/brave_browser | 2022-10-11
For more details about the other values, see the GitHub page. Especially this section regarding the various formulas for the values you see.
GitHub Action for authenticating to Google Cloud with GitHub Actions OIDC tokens and Workload Identity Federation. (by google-github-actions)Project mention: Advanced GitHub Actions - Conditional Workflow | dev.to | 2022-02-13
I use google-github-actions/auth in the first step in my job to authenticate to GCP. At this point, I have 6 different GitHub secrets to test out the concept. Each branch has two secrets with the format BRANCH_WIP and BRANCH_SA.
React Native wrapper around EncryptedSharedPreferences and Keychain to provide a secure alternative to Async Storage.Project mention: Alternative to async storage for react-native | reddit.com/r/reactnative | 2022-12-05
You can use Expo SecureStore Or React Native Encrypted Storage.
📩🛡 Email privacy. Anonymously send and receive with alias forwarding.Project mention: Ptorx: Send and receive mail without using your real email address | news.ycombinator.com | 2022-10-22
Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Data Platform where developers build real-time applications for analytics, IoT and cloud-native services in less time with less code.
TypeScript Security related posts
A way to publish from GitHub Actions using multi-factor authentication
1 project | reddit.com/r/programming | 7 Dec 2022
pen-testing NPM vulnerabilities
1 project | reddit.com/r/Pentesting | 30 Nov 2022
Ask HN: Is it time for a new Storybook?
4 projects | news.ycombinator.com | 19 Nov 2022
Launch HN: Metlo (YC S21) – Open-source software for securing your APIs
3 projects | news.ycombinator.com | 9 Nov 2022
Metlo: Open-source API security platform
1 project | news.ycombinator.com | 8 Nov 2022
1 project | reddit.com/r/devopspro | 5 Nov 2022
How to create SBOMs in Java with Maven and Gradle
1 project | reddit.com/r/java | 4 Nov 2022
A note from our sponsor - Zigi
www.zigi.ai | 8 Dec 2022
What are some of the best open-source Security projects in TypeScript? This list will help you:
|4||Tutanota makes encryption easy||4,990|