sdc-check

Small tool to inform you about potential risks in your project dependencies list:

- Lock file is not safe (lockfile-is-not-safe): During the development process a malicious actor could replace URLs in a lock file so that they point to a package containing malicious code (this is especially dangerous because it is hard to catch in PR review).
- The newest package version is too new (package-is-too-new): A new version of a package could be vulnerable. It might be safer to wait X days before upgrading to the new version and let the community test it.
- Installation script (install-scripts): An attacker can use installation scripts to run commands that perform malicious acts during the package installation step.
- Obfuscated code (obfuscated-code): A package contains obfuscated code, which may point to an attempt to hide potentially malicious code.
- A package has OS scripts (has-os-scripts): An attacker can use .bat/.sh scripts to execute malicious actions (downloading and launching mining apps, etc.).
- A package script has shell commands (dangerous-shell-commands): A package script could contain potentially dangerous commands used to perform malicious actions (curl, wget, chmod, cacls, etc.).
- The newest package version is released after

ALTERNATIVES

InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection

Open-Source framework for detecting and preventing dependency confusion leakage with a holistic approach and wide technology support.

An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.

A tool to conduct preliminary security checks in code, infrastructure, or IAM configurations using various open-source tools.

An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.

Embeddable Yara library for Java with support for loading rules and scanning data.

A CSP plugin for hapi with per-route configuration options.

Lint lockfiles for improved security and trust policies.