Check package.json dependencies against vulnerability lists (OSV)
haveibeenpwned is a command-line application that uses HaveIBeenPwned service and can create and use Binary Fuse filter for efficient query at cost of false positives.
cli tool to download leaked password hashes from haveibeenpwned api.