GuardDog Logo

GuardDog

0
Free
Visit Website

GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata. GuardDog can be used to scan local or remote PyPI and npm packages using any of the available heuristics. Getting started: Installation: - pip install guarddog - Or use the Docker image: docker pull ghcr.io/datadog/guarddog - alias guarddog='docker run --rm ghcr.io/datadog/guarddog' Note: On Windows, the only supported installation method is Docker. Sample usage: - Scan the most recent version of the 'requests' package: guarddog pypi scan requests - Scan a specific version of the 'requests' package: guarddog pypi scan requests --version 2.28.1 - Scan the 'request' package using 2 specific heuristics: guarddog pypi scan requests --rules exec-base64 --rules code-execution - Scan the 'requests' package using all rules but one: guarddog pypi scan requests --exclude-rules exec-base64 - Scan a local package: guarddog pypi scan /tmp/triage.tar.gz - Scan a local directory, the packages need to be located in the root directory For instance you have several pypi packages in ./samples/ like: ./samples/package

FEATURES

ALTERNATIVES

A Python library for automating time-based blind SQL injection attacks

IDA Pro plugin for finding crypto constants

dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.

Compact C framework for analyzing suspected malware documents and detecting exploits and embedded executables.

A simple Python script to test for a hypothetical JWT vulnerability

Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.

A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.

A blind SQL injection tool written in Golang