![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
socks-proxy-agent
Advanced tools
Package description
The socks-proxy-agent package is a SOCKS proxy http.Agent implementation for HTTP and HTTPS. This package allows you to route HTTP and HTTPS requests through a SOCKS proxy server. It is useful for bypassing network restrictions or connecting to servers anonymously.
HTTP/HTTPS request via SOCKS proxy
This code sample demonstrates how to send an HTTP or HTTPS request through a SOCKS proxy using the socks-proxy-agent package. The agent is created with the proxy server information and passed to the HTTP request options.
const SocksProxyAgent = require('socks-proxy-agent');
const agent = new SocksProxyAgent('socks://localhost:1080');
const https = require('https');
https.get('https://example.com', { agent }, (res) => {
console.log(`Got response: ${res.statusCode}`);
// consume response body
res.resume();
}).on('error', (e) => {
console.error(`Got error: ${e.message}`);
});
The http-proxy-agent package provides an http.Agent implementation that connects to a specified HTTP proxy server, and can be used for forwarding HTTP requests. Unlike socks-proxy-agent, it does not support SOCKS proxies, only HTTP.
Similar to http-proxy-agent, https-proxy-agent provides an http.Agent implementation for HTTPS requests that connects to an HTTPS proxy server. It is specifically designed for HTTPS connections and does not support SOCKS proxies.
The proxy-agent package is a more general solution that supports multiple proxy protocols including HTTP, HTTPS, SOCKS, and PAC files. It can be used as a drop-in replacement for the standard http.Agent and automatically selects the appropriate agent based on the proxy's protocol. This makes it more versatile than socks-proxy-agent, which is specialized for SOCKS proxies only.
Readme
http.Agent
implementation for HTTP and HTTPSThis module provides an http.Agent
implementation that connects to a specified
SOCKS (v4a) proxy server, and can be used with the built-in http
or https
modules.
Install with npm
:
$ npm install socks-proxy-agent
http
module example:
var url = require('url');
var http = require('http');
var SocksProxyAgent = require('socks-proxy-agent');
// SOCKS proxy to connect to
var proxy = process.env.socks_proxy || 'socks://127.0.0.1:9050';
console.log('using proxy server %j', proxy);
// HTTP endpoint for the proxy to connect to
var endpoint = process.argv[2] || 'http://nodejs.org/api/';
console.log('attempting to GET %j', endpoint);
var opts = url.parse(endpoint);
// create an instance of the `SocksProxyAgent` class with the proxy server information
var agent = new SocksProxyAgent(proxy);
opts.agent = agent;
http.get(opts, function (res) {
console.log('"response" event!', res.headers);
res.pipe(process.stdout);
});
https
module example:
var url = require('url');
var https = require('https');
var SocksProxyAgent = require('socks-proxy-agent');
// SOCKS proxy to connect to
var proxy = process.env.socks_proxy || 'socks://127.0.0.1:9050';
console.log('using proxy server %j', proxy);
// HTTP endpoint for the proxy to connect to
var endpoint = process.argv[2] || 'https://encrypted.google.com/';
console.log('attempting to GET %j', endpoint);
var opts = url.parse(endpoint);
// create an instance of the `SocksProxyAgent` class with the proxy server information
// NOTE: the `true` second argument! Means to use TLS encryption on the socket
var agent = new SocksProxyAgent(proxy, true);
opts.agent = agent;
http.get(opts, function (res) {
console.log('"response" event!', res.headers);
res.pipe(process.stdout);
});
(The MIT License)
Copyright (c) 2013 Nathan Rajlich <nathan@tootallnate.net>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Unknown package
The npm package socks-proxy-agent receives a total of 18,684,916 weekly downloads. As such, socks-proxy-agent popularity was classified as popular.
We found that socks-proxy-agent demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.