Writing a book on Node.js Secure Coding

Organizations

@meanjs @nodejs @snyk @jsheroes @verdaccio @TheSecureDeveloper @snyk-labs @create-node @community-snyk
lirantal/README.md

Hi, I'm Liran 👋

I wrote these two comprehensive deep-dive books on Secure Coding in Node.js to help developers master Node.js security with hands-on vulnerability review and remediation walkthroughs.

Node.js Secure Coding: Defending Against Command Injection Vulnerabilities
Node.js Secure Coding: Prevention and Exploitation of Path Traversal Vulnerabilities

Software Engineer · Web Security Activist · Author

A GitHub Star, recognized worldwide for championing open source software and actively working within communities to inspire and lift other humans. Liran also received the OpenJS Foundation's Pathfinder for Security for his work on Node.js security. A JavaScript & Node.js software developer, building web applications and command-line tools. A web security activist, engaging in security research and software supply chain security, and a regular contributor and project lead to OWASP Foundation projects. An avid member of the Node.js Foundation ecosystem security working group, dedicated to advancing Node.js security awareness and skill-set in the open source community. Developer Advocate at Snyk.

Web Security Activism

My latest articles on the Snyk blog and my blog

Published Author

Essential Node.js Security

Liran Tal
Web Security: Learning HTTP Security Headers

Liran Tal
O'Reilly Serverless Security

Guy Podjarny, Liran Tal
Snyk's State of Open Source Security 2019

Liran Tal

Pinned

  1. dockly Public

    Immersive terminal interface for managing docker containers and services

    JavaScript 3.7k 153

  2. nodejs-cli-apps-best-practices Public

    The largest Node.js CLI Apps best practices list

    3.2k 137

  3. is-website-vulnerable Public

    finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

    JavaScript 1.9k 105

  4. awesome-nodejs-security Public

    Awesome Node.js Security resources

    2.6k 224

  5. lockfile-lint Public

    Lint an npm or yarn lockfile to analyze and detect security issues

    JavaScript 767 36

  6. npq Public

    🎖 safely* install packages with npm or yarn by auditing them as part of your install process

    JavaScript 839 28