From 8d7dcda7a2ba0cf756e75e2f68cc73b36c974fed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ulises=20Gasc=C3=B3n?= Date: Tue, 4 Aug 2020 18:09:19 +0200 Subject: [PATCH] Added Bourne to Security Hardering section Context: - [Suggested at Express](https://github.com/expressjs/body-parser/issues/347#issuecomment-461844627) - [Prototype Pollution attack details](https://guidesmiths.github.io/cybersecurity-handbook/attacks_explained/prototype_pollution) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e2ec90f..a6c6c4d 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,7 @@ A curated list of awesome Node.js Security resources. - [rate-limiter-flexible](https://www.npmjs.com/package/rate-limiter-flexible) - Fast, flexible and friendly rate limiter by key and protection from DDoS and brute force attacks in process Memory, Cluster, Redis, MongoDb, MySQL, PostgreSQL at any scale. Express and Koa examples included. - [tor-detect-middleware](https://github.com/UlisesGascon/tor-detect-middleware) Tor detect middleware for express - [express-enforces-ssl](https://github.com/hengkiardo/express-enforces-ssl) Enforces SSL for Express based Node.js projects. It is however highly advised that you handle SSL and global HTTP rules in a front proxy. +- [bourne](https://github.com/hapijs/bourne) `JSON.parse()` drop-in replacement with prototype poisoning protection. # Security Incidents
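Review bot: the added `bourne` line at the end of the hunk puts the description straight after the link with no separator, while the `rate-limiter-flexible` entry a few lines above uses `) - ` between link and description. The two entries directly above it also omit the separator, so the list is already inconsistent; I would still follow the ` - ` form here, as in `- [bourne](https://github.com/hapijs/bourne) - ...`. The entry says "prototype poisoning" while the commit message links to a "Prototype Pollution" write-up. Naming both terms in the description would help readers who search for either one. The description would also be more useful if it said where the replacement applies, namely to JSON that comes from untrusted input and is parsed by the application, since a reader of this list gets no hint from "drop-in replacement" alone about which `JSON.parse()` calls are worth swapping. Minor: the subject line reads "Hardering" where "Hardening" is meant.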