Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@koush/chrome-net
Advanced tools
net
API in Chrome AppsThis module lets you use the Node.js net (TCP) API in Chrome Packaged Apps.
Instead of learning the quirks of Chrome's chrome.sockets
API for networking in Chrome Apps just use the higher-level node API you're familiar with. Then, compile your code with browserify and you're all set!
npm install chrome-net
Use node's net
API, including all parameter list shorthands and variations.
Example TCP client:
var net = require('chrome-net')
var client = net.createConnection({
port: 1337,
host: '127.0.0.1'
})
client.write('beep')
client.on('data', function (data) {
console.log(data)
})
// .pipe() streaming API works too!
Example TCP server:
var net = require('chrome-net')
var server = net.createServer()
server.on('listening', function () {
console.log('listening')
})
server.on('connection', function (sock) {
console.log('Connection from ' + sock.remoteAddress + ':' + sock.remotePort)
sock.on('data', function (data) {
console.log(data)
})
})
server.listen(1337)
See nodejs.org for full API documentation: net
To run tests, use npm test
. The tests will run TCP and UDP servers and launch a few different Chrome Packaged Apps with browserified client code. The tests currently require Chrome on Windows or Chrome Canary on Mac. If you're on Linux, feel free to send a pull request to fix this limitation.
MIT. Copyright (c) Feross Aboukhadijeh, John Hiesey & Jan Schär.
FAQs
Use the Node `net` API in Chrome Apps
We found that @koush/chrome-net demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.