by ashishbijlani
811 days ago
I’ve been building Packj [1] to detect such attacks. Packj can flag malicious, abandoned, typo-squatting, and other "risky" PyPI/NPM/Ruby/PHP dependencies. We use static, dynamic, & metadata analysis to scan for indicators of compromise (e.g., spawning of shell, use of SSH keys, network communication, use of decode+eval, etc.) OR presence of vulnerabilities.

1. https://github.com/ossillate-inc/packj
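The indicators named in the comment (decode+eval, shell spawning, network calls, SSH key paths) are the kind of thing a static pass over a package's Python sources can approximate. The scanner below is an added example written for this page, not Packj's code; the indicator lists, the tag names, and the two sample inputs (`BENIGN_SRC`, `SUSPICIOUS_SRC`) are all constructed here for illustration.

```python
"""Toy static indicator scanner for Python source (added example, not Packj)."""
import ast

# Indicator tables: constructed for this example, not an exhaustive list.
DYNAMIC_EXEC = {"eval", "exec"}
DECODERS = {"base64.b64decode", "codecs.decode", "binascii.a2b_base64", "zlib.decompress"}
SHELL_SPAWN = {"os.system", "os.popen", "subprocess.Popen", "subprocess.call",
               "subprocess.run", "subprocess.check_output"}
NETWORK = {"socket.socket", "urllib.request.urlopen", "requests.get", "requests.post"}
SSH_PATH_MARKERS = (".ssh/", "id_rsa", "id_ed25519", "authorized_keys")


def _dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain such as subprocess.Popen, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None  # call target is an expression (e.g. obj().method), not a plain name


def _calls_in(node):
    """All Call nodes in a subtree, including the root if it is itself a Call."""
    return [n for n in ast.walk(node) if isinstance(n, ast.Call)]


def scan_source(source: str):
    """Return the sorted set of indicator tags found in one Python source file."""
    tree = ast.parse(source)
    findings = set()
    for call in _calls_in(tree):
        name = _dotted_name(call.func)
        if name is None:
            continue
        if name in SHELL_SPAWN:
            findings.add("shell_spawn")
        if name in NETWORK:
            findings.add("network")
        if name in DYNAMIC_EXEC:
            # decode+eval: a decoder call nested anywhere inside the eval/exec argument
            inner = {_dotted_name(c.func) for arg in call.args for c in _calls_in(arg)}
            findings.add("decode_eval" if inner & DECODERS else "dynamic_exec")
    # SSH key access is approximated by string literals that look like key paths
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            if any(marker in node.value for marker in SSH_PATH_MARKERS):
                findings.add("ssh_key_access")
    return sorted(findings)


# Constructed sample inputs: one ordinary module, one carrying several indicators.
BENIGN_SRC = (
    "import json\n"
    "def load(path):\n"
    "    with open(path) as f:\n"
    "        return json.load(f)\n"
)
SUSPICIOUS_SRC = (
    "import base64, os, subprocess\n"
    'payload = "cHJpbnQoMSk="\n'              # base64 of print(1), constructed
    "exec(base64.b64decode(payload))\n"
    'subprocess.Popen(["sh", "-c", "uname -a"])\n'
    'keys = open(os.path.expanduser("~/.ssh/id_rsa")).read()\n'
)

if __name__ == "__main__":
    print("benign:", scan_source(BENIGN_SRC))
    print("suspicious:", scan_source(SUSPICIOUS_SRC))
```

Each tag is a hint for a reviewer rather than a verdict: `exec(base64.b64decode(...))` is a much stronger signal than a bare `subprocess.run`, which plenty of legitimate build tooling uses, so a real tool weights and combines these indicators with the metadata signals the comment also mentions (abandonment, typo-squatting) before calling a dependency risky.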