Hackers of India

Avatar

Node Security Shield


Lavakumar Kuppan  Sukesh Pappu 



From : https://github.com/DomdogSec/NodeSecurityShield

Node Security Shield (NSS) is an Open source Runtime Application Self-Protection (RASP) tool which aims at bridging the gap for comprehensive NodeJS security by enabling Developer and Security Engineer to declare what resources an application can access.

Inspired by the Log4Shell (CVE-2021-44228) vulnerability which can be exploited because an application can make arbitrary network calls, we felt there is a need for an application to have a mechanism so that it can declare what privileges it allows in order to make the exploitation of such vulnerabilities harder by implementing additional controls.

List of Sessions


---- Tool Demo ----
---- 2022 ----