![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
puppeteer-stream
Advanced tools
Readme
An Extension for Puppeteer to retrieve audio and/or video streams of a page
If you’re looking to use this repo to retrieve video or audio streams from meeting platforms like Zoom, Google Meet, Microsoft Teams, consider checking out Recall.ai, an API for meeting recording.
npm i puppeteer-stream
# or "yarn add puppeteer-stream"
For ES5
const { launch, getStream } = require("puppeteer-stream");
or for ES6
import { launch, getStream } from "puppeteer-stream";
The method launch(options)
takes additional to the original puppeteer launch function, the following options
{
allowIncognito?: boolean, // to be able to use incognito mode
closeDelay?: number, // to fix rarely occurring TargetCloseError, set and increase number (in ms)
}
and returns a Promise<
Browser
>
Works also in headless mode (no gui needed), just set headless: "new"
in the launch options
The method getStream(options)
takes the following options
{
audio: boolean, // whether or not to enable audio
video: boolean, // whether or not to enable video
mimeType?: string, // optional mime type of the stream, e.g. "audio/webm" or "video/webm"
audioBitsPerSecond?: number, // The chosen bitrate for the audio component of the media.
videoBitsPerSecond?: number, // The chosen bitrate for the video component of the media.
bitsPerSecond?: number, // The chosen bitrate for the audio and video components of the media. This can be specified instead of the above two properties. If this is specified along with one or the other of the above properties, this will be used for the one that isn't specified.
frameSize?: number, // The number of milliseconds to record into each packet.
videoConstraints: {
mandatory?: MediaTrackConstraints,
optional?: MediaTrackConstraints
},
audioConstraints: {
mandatory?: MediaTrackConstraints,
optional?: MediaTrackConstraints
},
}
and returns a Promise<
Readable
>
For a detailed documentation of the mimeType
, audioBitsPerSecond
, videoBitsPerSecond
, bitsPerSecond
, frameSize
properties have a look at the HTML5 MediaRecorder Options and for the videoConstraints
and audioConstraints
properties have a look at the MediaTrackConstraints.
const { launch, getStream, wss } = require("puppeteer-stream");
const fs = require("fs");
const file = fs.createWriteStream(__dirname + "/test.webm");
async function test() {
const browser = await launch({
executablePath: "C:/Program Files/Google/Chrome/Application/chrome.exe",
// or on linux: "google-chrome-stable"
// or on mac: "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"
defaultViewport: {
width: 1920,
height: 1080,
},
});
const page = await browser.newPage();
await page.goto("https://www.youtube.com/embed/DzivgKuhNl4?autoplay=1");
const stream = await getStream(page, { audio: true, video: true });
console.log("recording");
stream.pipe(file);
setTimeout(async () => {
await stream.destroy();
file.close();
console.log("finished");
await browser.close();
(await wss).close();
}, 1000 * 10);
}
test();
FAQs
Unknown package
The npm package puppeteer-stream receives a total of 1,586 weekly downloads. As such, puppeteer-stream popularity was classified as popular.
We found that puppeteer-stream demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.