Audit Node Modules With YARA Rules Logo

Audit Node Modules With YARA Rules

A tool to run YARA rules against node_module folders to identify suspicious scripts

20
Application Security Open Source
NpmYaraCi CdSupply Chain Security
Visit website
Compare
Compare
0
Explore Application Security31 AlternativesCompareStacksMarket MapExplore All Tools
MCPThe entire cybersecurity market, one prompt awayTry MCP Access

Audit Node Modules With YARA Rules Description

The purpose of this tool is to run a given set of YARA rules against the given node_module folder. With this approach, We can define YARA rules to identify suspicious scripts which are injected into node packages. Mainly inspired by these articles: Malicious packages in npm, Malicious NPM packages target Amazon, Slack with new dependency attacks, Hunting malicious NPM packages. This package can be added to the CI/CD pipeline. Software Requirements: Docker, Docker Compose, Makefile. How to use: Clone this repo, execute audit operation with `make` command, report available in `artifacts/output.json`.

Audit Node Modules With YARA Rules FAQ

Common questions about Audit Node Modules With YARA Rules including features, pricing, alternatives, and user reviews.

Audit Node Modules With YARA Rules is A tool to run YARA rules against node_module folders to identify suspicious scripts. It is a Application Security solution designed to help security teams with NPM, YARA, CI/CD.

Have more questions? Browse our categories or search for specific tools.

FEATURED

Push Security Logo
Push Security
Zero Trust
CybersecRadars Logo
CybersecRadars
Threat Management
Hudson Rock Logo
Hudson Rock
Threat Management
Get Featured

ALTERNATIVES

FossID Software Composition Analysis Logo
FossID Software Composition Analysis

SCA tool for code scanning, license identification, and SBOM generation

0
Xygeni Malware Across DevOps Logo
Xygeni Malware Across DevOps

Malware detection across SDLC, DevOps pipelines, and open-source components

0
Veracode Secure Your Software Supply Chain Logo
Veracode Secure Your Software Supply Chain

Software supply chain security platform with SCA, package firewall & threat intel

0
MatosSphere Software Composition Analysis Logo
MatosSphere Software Composition Analysis

SCA tool for detecting vulnerabilities & license risks in open-source deps

0
Wiz Supply Chain Security Logo
Wiz Supply Chain Security

Cloud-native SCA and SBOM platform for supply chain security across code to runtime

0

POPULAR

RoboShadow Logo
RoboShadow
Vulnerability Assessment
OSINTLeak Real-time OSINT Leak Intelligence Logo
OSINTLeak Real-time OSINT Leak Intelligence
Threat Intelligence Platforms
Cybersec Feeds Logo
Cybersec Feeds
Threat Intelligence Platforms
TestSavant AI Security Assurance Platform Logo
TestSavant AI Security Assurance Platform
AI Red Teaming
Fabric Platform by BlackStork Logo
Fabric Platform by BlackStork
Security Information and Event Management
View Popular Tools →

TRENDING CATEGORIES

Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
509
Threat Intelligence Platforms
TIP for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.
357
Penetration Testing
Penetration testing tools and frameworks for manual security testing, exploit development, and vulnerability validation.
263
Offensive Security
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
246
Identity Governance and Administration
Identity Governance and Administration (IGA) platforms for identity lifecycle management, access governance, role management, and compliance reporting.
230
View All Categories →

Stay Updated with Mandos Brief

Get strategic cybersecurity insights in your inbox