Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
wwebjs-devsakae
Advanced tools
Library for interacting with the WhatsApp Web API with some changing by devsakae
A WhatsApp API client that connects through the WhatsApp Web browser app
The library works by launching the WhatsApp Web browser application and managing it using Puppeteer to create an instance of WhatsApp Web, thereby mitigating the risk of being blocked. The WhatsApp API client connects through the WhatsApp Web browser app, accessing its internal functions. This grants you access to nearly all the features available on WhatsApp Web, enabling dynamic handling similar to any other Node.js application.
[!IMPORTANT] It is not guaranteed you will not be blocked by using this method. WhatsApp does not allow bots or unofficial clients on their platform, so this shouldn't be considered totally safe.
The module is now available on npm! npm i whatsapp-web.js
[!NOTE] Node
v18+
is required.
Just get the latest LTS from the official node website.
sudo npm install -g n
sudo n stable
choco install nodejs-lts
winget install OpenJS.NodeJS.LTS
curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo -E bash - &&\
sudo apt-get install -y nodejs
const { Client } = require('whatsapp-web.js');
const client = new Client();
client.on('qr', (qr) => {
// Generate and scan this code with your phone
console.log('QR RECEIVED', qr);
});
client.on('ready', () => {
console.log('Client is ready!');
});
client.on('message', msg => {
if (msg.body == '!ping') {
msg.reply('pong');
}
});
client.initialize();
Take a look at example.js for another examples with additional use cases.
For further details on saving and restoring sessions, explore the provided Authentication Strategies.
Feature | Status |
---|---|
Multi Device | ✅ |
Send messages | ✅ |
Receive messages | ✅ |
Send media (images/audio/documents) | ✅ |
Send media (video) | ✅ (requires Google Chrome) |
Send stickers | ✅ |
Receive media (images/audio/video/documents) | ✅ |
Send contact cards | ✅ |
Send location | ✅ |
Send buttons | ❌ (DEPRECATED) |
Send lists | ❌ (DEPRECATED) |
Receive location | ✅ |
Message replies | ✅ |
Join groups by invite | ✅ |
Get invite for group | ✅ |
Modify group info (subject, description) | ✅ |
Modify group settings (send messages, edit info) | ✅ |
Add group participants | ✅ |
Kick group participants | ✅ |
Promote/demote group participants | ✅ |
Mention users | ✅ |
Mention groups | ✅ |
Mute/unmute chats | ✅ |
Block/unblock contacts | ✅ |
Get contact info | ✅ |
Get profile pictures | ✅ |
Set user status message | ✅ |
React to messages | ✅ |
Create polls | ✅ |
Vote in polls | 🔜 |
Communities | 🔜 |
Channels | 🔜 |
Something missing? Make an issue and let us know!
Feel free to open pull requests; we welcome contributions! However, for significant changes, it's best to open an issue beforehand. Make sure to review our contribution guidelines before creating a pull request. Before creating your own issue or pull request, always check to see if one already exists!
You can support the maintainer of this project through the links below
This project is not affiliated, associated, authorized, endorsed by, or in any way officially connected with WhatsApp or any of its subsidiaries or its affiliates. The official WhatsApp website can be found at whatsapp.com. "WhatsApp" as well as related names, marks, emblems and images are registered trademarks of their respective owners. Also it is not guaranteed you will not be blocked by using this method. WhatsApp does not allow bots or unofficial clients on their platform, so this shouldn't be considered totally safe.
Copyright 2019 Pedro S Lopez
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this project except in compliance with the License.
You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
FAQs
Library for interacting with the WhatsApp Web API with some changing by devsakae
We found that wwebjs-devsakae demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.