From ad6b14f8c4a9c202b1371d7421caab84e56b6181 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ulises=20Gasc=C3=B3n?= <4322632+EVINADAPCIPvb@users.noreply.github.com> Date: Tue, 4 Aug 2020 18:13:28 +0200 Subject: [PATCH] docs(tooling): add Bourne to Security Hardering section (#47) Context: - [Suggested at Express](https://github.com/expressjs/body-parser/issues/347#issuecomment-461844627) - [Prototype Pollution attack details](https://guidesmiths.github.io/cybersecurity-handbook/attacks_explained/prototype_pollution) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e2ec90f..a6c6c4d 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,7 @@ A curated list of awesome Node.js Security resources. - [rate-limiter-flexible](https://www.npmjs.com/package/rate-limiter-flexible) - Fast, flexible and friendly rate limiter by key and protection from DDoS and brute force attacks in process Memory, Cluster, Redis, MongoDb, MySQL, PostgreSQL at any scale. Express and Koa examples included. - [tor-detect-middleware](https://github.com/UlisesGascon/tor-detect-middleware) Tor detect middleware for express - [express-enforces-ssl](https://github.com/hengkiardo/express-enforces-ssl) Enforces SSL for Express based Node.js projects. It is however highly advised that you handle SSL and global HTTP rules in a front proxy. +- [bourne](https://github.com/hapijs/bourne) `JSON.parse()` drop-in replacement with prototype poisoning protection. # Security Incidents
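Review bot: The added `bourne` line at the end of the list describes the package as having "prototype poisoning protection", while the commit message links an explainer titled "Prototype Pollution attack details". A reader searching the README for the second term will not find this entry. Consider naming both, for example "`JSON.parse()` drop-in replacement with prototype poisoning (prototype pollution) protection." The entry also omits the ` - ` separator between link and description that the `rate-limiter-flexible` entry in the context uses. The two entries directly above omit it as well, so it is worth settling on one form for the list. Separately, the subject line spells the section name "Hardering"; if the README heading is "Hardening", correct the subject before this is squashed.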