Visit Website

GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata. GuardDog can be used to scan local or remote PyPI and npm packages using any of the available heuristics. Getting started: Installation: - pip install guarddog - Or use the Docker image: docker pull ghcr.io/datadog/guarddog - alias guarddog='docker run --rm ghcr.io/datadog/guarddog' Note: On Windows, the only supported installation method is Docker. Sample usage: - Scan the most recent version of the 'requests' package: guarddog pypi scan requests - Scan a specific version of the 'requests' package: guarddog pypi scan requests --version 2.28.1 - Scan the 'request' package using 2 specific heuristics: guarddog pypi scan requests --rules exec-base64 --rules code-execution - Scan the 'requests' package using all rules but one: guarddog pypi scan requests --exclude-rules exec-base64 - Scan a local package: guarddog pypi scan /tmp/triage.tar.gz - Scan a local directory, the packages need to be located in the root directory For instance you have several pypi packages in ./samples/ like: ./samples/package

FEATURES

ALTERNATIVES

A Yara ruleset for detecting PHP shells and other webserver malware.

A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.

A library for running basic functions from stripped binaries cross platform.

A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.

A Python-based tool for detecting XSS vulnerabilities

A library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora.

A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques.

Checksec is a bash script to check the properties of executables like PIE, RELRO, Canaries, ASLR, Fortify Source.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved