Mininode is a tool, which helps to reduce the attack surface of the Node.js applications by removing the unused modules and functions within the modules. Mininode uses static analysis to detect which parts of the code is actually used to construct the detailed dependency graph. In the current implementation Mininode supports coarse-grained and fine-grained reduction modes.


  1. Mininode: Reducing the Attack Surface of Node.js Applications
    Igibek Koishybayev, Alexandros Kapravelos
    Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2020
    [PDF] [Bibtex] [website]


The source code is available on Github