Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
html-scrape
Advanced tools
A tool that will scrape html webpages with ease.
To install:
npm install html-scrape
Example of usage for finding a value in between something:
var scrape = require('html-scrape');
var elements = {
title: { start: '<title>', end: '</title>' },
explicit: { el: '#explicit > a' }
}
scrape ('https://npmjs.com', elements, (error, data) => {
if (error) {
console.log(error);
} else {
console.log(data);
}
});
Above would return:
{ title: 'npm', explicit: 'packages people \'npm install\' a lot' }
host [string | required] - URL of webpage you are wanting to scrape.
elements [string | required] - String that you will be searching.
start String before the value you are searching for. For instance -
<title>value</title>
: In this example, the header would be<title>
. If using the needle method, both start and end are required
end String after the value you are searching for. For instance -
<title>value</title>
: In this example, the header would be</title>
. If using the needle method, both start and end are required
el [string] Element id/class to get value of. Can also be declared like:
#el > a
to get value of the link.
callback [function] - Function that returns data after scraping is finished.
error [string] - Hold error if one was encountered during the scraping process.
data [string] - Holds object of data returned from the scraper.
FAQs
A lightweight tool that scrapes webpages with ease.
The npm package html-scrape receives a total of 0 weekly downloads. As such, html-scrape popularity was classified as not popular.
We found that html-scrape demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.