Hi guys! Since I started to write Bluebox-ng I've been tracking the different security projects I found written in Node.js. Now we've published the first stable version we think it's the right moment to speak among us (and, of course, everyone interested in it :).
- I think we're rewriting the same stuff in our respective projects again and again. For example, almost any tool supports IPv6 because the functions we need are still not present in the Node core and the libraries I found (IMHO) were not enough.
- There're different projects implementing exactly the same thing, ie: port scanners.
- We're working in a too new environment, so we need to make it together.
- Our 2 cents to make Node still more awesome. Now we have io.js whose main idea is to gain commiters.
To clarify: We've NO interest in keeping the project name or something similar, our only idea is to code in a bigger community.
Hi everyone,
I am surprised to see this community page. It is awesome!
I started a nodejs security project called pownjs. You can learn more about what it is and the philosophy behind it over here https://github.com/pownjs/pown.
So far I have contributed a few modules including a LMNR spoofer, simple captcha breaking tool, pcap2 based sniffing tool, offline hacking tips browser and a few more modules. I am also toying with many ideas that I would like to eventually implement such as UPNP discovery and hacking toolkit, a proxy, arp spoofing etc, TV hacking toolkit, web security tools, recon tools, more responders (mdns, dns, dhcp etc), exploit development modules, etc.
I would love to get your opinion and also, if interested, get you involved.
The best part is that pownjs is decentralised project because it is based around npm and practically anyone can make their own distributions of the toolkit. This is part of the philosophy - i.e modules are framework agnostic and everyone is a contributor even the indirectly sometimes (check
$ pown creditsto see).Let me know if you have any questions.