Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
fullstack-monitor
Advanced tools
About
Fullstack-monitor is log monitoring tools for developers, offering visibility of console logs, requests and responses from both the Client and Server side of your application in one single place.
This makes it easy to see what is happening across the stack as your front and back-end communicate.
In order to use this, you must also install the Fullstack-Monitor-CLI npm package.
Instructions
Installation
npm install fullstack-monitor
Front-end Setup
- Import fullstack-monitor in front-end, usually
in index.js.
import FL from 'fullstack-monitor'
- Invoke the
FL.setupfunction with the stringclientargument.
FL.setup('client');
- Please note, any code executed before the
setupfunction is invoked will not be monitored.
Back-end Setup
- Import fullstack- monitor in back-end, usually in
server.jsorindex.js, with theserverargument.
const fl = require('fullstack-monitor');
fl.setup('server');
- Pass the
fl.runintoapp.useas a middleware function, whereapprefers toconst app = express();.
app.use(fl.run);
Run
Run your application with
npm run dev
- Or the equivalent command in your setup.
User-Interface
- Globally install Fullstack-Monitor-CLI
$ npm install -g fullstack-monitor-cli
- Bootup the
Fullstack-Monitor-CLIserver.
$ fullstack-monitor-cli --start
- Go to
localhost:3861or the port configured to see the user interface of fullstack-monitor. Or just use the--chromecommand:
$ fullstack-monitor-cli --chrome
- In Home Page, all logs types are logs are shown, currently there are four diffrent types of logs.
- Console.log coming from the client side - as Type : Client
- Console.log coming from the server side - as Type : Server
- Request coming from the client side - as Type : Request
- Repond going out from server side - as Type : Server
- For each Type, users can navigate through the Top Menu bar.
- There's Custom Tab in Top Menu Bar where user can select only the Type they want to see.
- By clicking on the each indiviaul line of data, detailed information of each log can be seen.
- With the Delete Button, users can delele all existing logs.
Example Project
For an example of Fullstack-Monitor installed on a project see this GitHub Repo here:
Contributors
FAQs
Intercepts logs and requests for a fullstack application
We found that fullstack-monitor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 03 Apr 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025