sdc-check Logo

sdc-check

0
Free
Visit Website

Small tool to inform you about potential risks in your project dependencies list: - Lock file is not safe (lockfile-is-not-safe): During the development process a malicious actor could replace URLs in a lock file to package with malicious code (it is especially dangerous because it is hard to catch in PR review) - The newest package version is too new (package-is-too-new): A new version of a package could be vulnerable. It might be safer to wait X days before upgrading to the new version and let the community test it - Installation Script (install-scripts): An attacker can use installation scripts to run commands that perform malicious acts through the package installation step - Obfuscated code (obfuscated-code): A package contains obfuscated code which may point to an attempt of hiding potentially malicious code - A package has OS scripts (has-os-scripts): An attacker can use .bat/.sh scripts to execute malicious actions (downloading and launching mining apps, etc) - A package script has shell commands (dangerous-shell-commands): Package script could have potentially dangerous commands to perform malicious actions (curl, wget, chmod, cacls, etc) - The newest package version is released after

FEATURES

ALTERNATIVES

Drltrace is a dynamic API calls tracer for Windows and Linux applications.

A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL

Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.

A learning and training project demonstrating common configuration errors in cloud environments.

A script that implements Cognito attacks such as Account Oracle or Priviledge Escalation

An integrated application security platform that combines software composition analysis, container scanning, and runtime security monitoring to identify and prioritize vulnerabilities based on actual usage and risk.

cwe_checker is a suite of checks to detect common bug classes in ELF binaries using Ghidra for firmware analysis.

An API security platform that provides automated security testing, runtime protection, and lifecycle management for APIs through integrated tools and controls.

PINNED