Exploiting Node.js Deserialization Bug for Remote Code Execution

tl;dr Untrusted data passed into unserialize() function in node-serialize module can be exploited to achieve arbitrary code execution by passing a serialized JavaScript Object with an Immediately invoked function expression (IIFE). The Bug During a Node. Read more

Read full article

Similar

Tests and Code Coverage on Node.js Using TypeScript with Mocha and Istanbul

How to configure the environment, write the tests, write the API endpoints and generate the code coverage report... (more…)

Using N|Solid with AppDynamics to Monitor Node.js Applications

Learn how to use the integration between N|Solid and AppDynamics to get insight into enriched Node.js metrics. (more…)

A Node.js opensource lib to send transactional notifications, what next?

notifme-sdk - A Node.js library to send all kinds of transactional notifications. (more…)

Using the GitHub GraphQL API with Node.js

As of API v4 Github is using GraphQL as a query language for their API. This gives the users more power and flexibility to ask exactly what they need from the API (it also gives you more public data compared to API v3, such as closed issues count). (more…)

Node.js and MongoDB Music API on GitHub(Check It Out)

NodeJS-Song-API - A Song API builted with NodeJS and MongoDB... (more…)

Latest News

Health Care Is Hemorrhaging Data. AI Is Here to Help

Introducing bitlib-rs for Rust and Cairo

HUI.js – JavaScript Front End UI Library in 657 Bytes