Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
tcp-over-websockets
Advanced tools
tcp-over-websockets
Tunnel TCP through WebSockets. Access anything you want, even from a crappy WiFi which only allows HTTPS.
Note: chisel is probably the same thing but better. @mdslab/wstun is similar.
tunneling client
Using npx:
npx tcp-over-websockets wss://example.org github.com:22 8022
Or by installing manually:
npm install -g tcp-over-websockets
tcp-over-websockets wss://example.org github.com:22 8022
This will expose github.com:22 on localhost:8022, tunneled through a tunneling server at example.org.
Works like ssh -N -L 8022:github.com:22 user@example.org, except that it's TCP over WebSockets instead of TCP over SSH.
tunneling server
Using npx:
npx -p tcp-over-websockets tcp-over-websockets-server
Or by installing manually:
npm i -g tcp-over-websockets
tcp-over-websockets-server
Contributing
If you have a question, found a bug or want to propose a feature, have a look at the issues page.
FAQs
Tunnel TCP through WebSockets.
The npm package tcp-over-websockets receives a total of 54 weekly downloads. As such, tcp-over-websockets popularity was classified as not popular.
We found that tcp-over-websockets demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 25 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024