d704c55683 | ||
---|---|---|
.github/scripts | ||
core | ||
packages | ||
LICENSE | ||
README.md | ||
database.json | ||
main.py | ||
requirements.txt |
README.md
Malpacks
Tools to find malicious packages inside package manager (PyPI, npm, and Gem)
Total malicious packages
- npm: 1823
- PyPI: 5985
- Gem: 725
Installation
Simply clone the repository, install requirements and run the script
- $ git clone https://github.com/daffainfo/malpacks
- $ pip3 install -r requirements.txt
- $ python3 main.py
Usage
Available options:
--all
option
To scan all the package managers (PyPI, npm, and Gem)
Example:
$ python3 main.py --all
--packages
option
Define package manager to test (PyPI, npm, and Gem)
Example:
$ python3 main.py --packages npm,pypi
To-Do List
- Scan a file that contain list of packages
- Scan requirements.txt (Python)
- Scan package.json (npm)
- More output options
- JSON
- YAML
- Add more package manager
- PyPI
- npm
- Gem
- Go
- Composer
- Add more malicious packages