Chris Johnson's KB
Security Tools

Last updated 4 years ago

Check your open source dependencies for critical vulnerabilities.

Yarn

$ yarn audit --level critical

NPM

$ npm audit | grep -i -B3 -A10 critical

Ruby Gems

$ gem install bundler-audit
$ bundle audit
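
The `grep` filter on `npm audit` above depends on the wording of npm's human-readable report, which differs between npm versions. As an added example (not part of the original page), this Node.js function takes the parsed output of `npm audit --json` and returns the critical findings for both the npm 6 and npm 7+ report shapes; the sample reports and package names are constructed.

```javascript
// Added example, not from the original page. Sample reports are constructed.
// npm 7+ keys the JSON report by package name under "vulnerabilities";
// npm 6 keys it by advisory id under "advisories". Both are handled.
function criticalFindings(report) {
  const found = [];
  for (const [name, v] of Object.entries(report.vulnerabilities || {})) {
    if (v.severity !== 'critical') continue;
    const via = v.via || [];
    found.push({
      name,
      range: v.range,
      // "via" mixes advisory objects with bare names of other vulnerable packages
      titles: via.filter((x) => typeof x === 'object').map((x) => x.title),
      inheritedFrom: via.filter((x) => typeof x === 'string'),
    });
  }
  for (const a of Object.values(report.advisories || {})) {
    if (a.severity !== 'critical') continue;
    found.push({ name: a.module_name, range: a.vulnerable_versions,
                 titles: [a.title], inheritedFrom: [] });
  }
  return found.sort((x, y) => x.name.localeCompare(y.name));
}

// Constructed npm 7+ report: one advisory, one package that inherits it.
const sampleNpm7 = { auditReportVersion: 2, vulnerabilities: {
  'example-parser': { severity: 'critical', isDirect: false, range: '<2.0.1',
    via: [{ title: 'Constructed advisory: prototype pollution', severity: 'critical' }] },
  'example-cli': { severity: 'critical', isDirect: true, range: '*', via: ['example-parser'] },
  'example-util': { severity: 'moderate', isDirect: true, range: '<1.4.0',
    via: [{ title: 'Constructed advisory: ReDoS', severity: 'moderate' }] },
} };

// Constructed npm 6 report with the same critical advisory.
const sampleNpm6 = { advisories: {
  1001: { module_name: 'example-parser', severity: 'critical',
    vulnerable_versions: '<2.0.1', title: 'Constructed advisory: prototype pollution' },
  1002: { module_name: 'example-util', severity: 'low',
    vulnerable_versions: '<1.4.0', title: 'Constructed advisory: ReDoS' },
} };

for (const report of [sampleNpm7, sampleNpm6]) {
  for (const f of criticalFindings(report)) {
    const why = f.titles.length ? f.titles.join('; ') : `via ${f.inheritedFrom.join(', ')}`;
    console.log(`CRITICAL ${f.name} ${f.range}: ${why}`);
  }
}
```

To use it on a real project, save the report with `npm audit --json > audit.json` and pass the parsed object to `criticalFindings`.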

Run all development projects through Docker, a virtual machine, or a remote machine to protect your system and other projects.

Resources

NPM Advisories
NPM Security
MacOS security and privacy guide
Docker for Mac
Using Node in Docker
Bundler Audit
OWASP Cheat Sheets

Malicious NPM packages

https://blog.bitsrc.io/malicious-npm-development-kit-a02401e6537e
https://www.twilio.com/blog/2017/08/find-projects-infected-by-malicious-npm-packages.html
https://news.ycombinator.com/item?id=17283394
https://www.google.com/amp/s/www.zdnet.com/google-amp/article/malicious-npm-packages-caught-installing-remote-access-trojans/