issues
search
DataDog
/
guarddog
:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages
https://securitylabs.datadoghq.com/articles/guarddog-identify-malicious-pypi-packages/
Apache License 2.0
579
stars
42
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Bump setuptools from 70.3.0 to 73.0.1
#447
dependabot[bot]
closed
5 days ago
0
Bump mypy from 1.11.0 to 1.11.2
#446
dependabot[bot]
closed
5 days ago
0
Bugfix: obfuscation False Positive
#445
sobregosodd
closed
1 week ago
0
Fix YARA execution bugs
#444
sobregosodd
closed
6 days ago
0
Bump setuptools from 70.3.0 to 72.2.0
#443
dependabot[bot]
closed
6 days ago
1
npm-obfuscation False Positive
#442
sobregosodd
closed
1 week ago
0
Bump prettytable from 3.10.2 to 3.11.0
#441
dependabot[bot]
closed
5 days ago
0
Change logging stream to stderr.
#440
scovetta
opened
3 weeks ago
3
Bump mypy from 1.11.0 to 1.11.1
#439
dependabot[bot]
closed
6 days ago
1
Bump flake8 from 7.1.0 to 7.1.1
#438
dependabot[bot]
closed
5 days ago
0
Bump setuptools from 70.3.0 to 72.1.0
#437
dependabot[bot]
closed
1 week ago
1
Bump coverage from 7.6.0 to 7.6.1
#436
dependabot[bot]
closed
5 days ago
0
Adding new patterns to detect obfuscation
#435
sobregosodd
closed
4 weeks ago
0
Adding new link domains to shady-links
#434
sobregosodd
closed
3 weeks ago
0
Update top pkgs resources for NPM and PYPI
#433
sobregosodd
closed
1 month ago
0
Missing NPM heuristic: download-executable
#432
sobregosodd
opened
1 month ago
0
Improve shady-links rule
#431
sobregosodd
closed
1 month ago
0
Expand allowed tar archive compression algorithms
#430
ikretz
closed
1 month ago
0
Removing npm-install-script False Positives
#429
sobregosodd
closed
1 month ago
0
Bump pytest from 8.2.2 to 8.3.2
#428
dependabot[bot]
closed
1 month ago
0
Overly restrictive tarball file extension checking
#427
ikretz
closed
1 month ago
0
Standardize local scanning behavior
#426
ikretz
closed
1 month ago
0
Unexpected behavior for local directory scan
#425
ikretz
closed
1 month ago
0
Bump mypy from 1.10.1 to 1.11.0
#424
dependabot[bot]
closed
1 month ago
0
Bump pytest from 8.2.2 to 8.3.1
#423
dependabot[bot]
closed
1 month ago
1
Eliminate Package class
#422
ikretz
closed
1 month ago
0
Bugfix: Adding permissions to traverse extracted files and folders
#421
sobregosodd
closed
1 month ago
0
Add detection for Python sqlite3 data exfiltration
#420
ikretz
closed
1 month ago
1
Simplify local target checks
#419
ikretz
closed
1 month ago
2
Bump coverage from 7.5.4 to 7.6.0
#418
dependabot[bot]
closed
1 month ago
0
Bump prettytable from 3.10.0 to 3.10.2
#417
dependabot[bot]
closed
1 month ago
0
Consolidate local target checks
#416
ikretz
closed
1 month ago
0
Null result messages are dropped by metadata analysis
#415
ikretz
closed
1 month ago
2
Improve DLL hijacking rule coverage
#414
ikretz
closed
1 month ago
0
[SINT-2119] Support Go ecosystem
#413
juliendoutre
closed
1 month ago
0
add setuptools to dependencies
#412
xopham
closed
1 month ago
0
Unused callback function argument in PackageScanner
#411
ikretz
closed
1 month ago
0
Bump pygit2 from 1.15.0 to 1.15.1
#410
dependabot[bot]
closed
1 month ago
0
Bump disposable-email-domains from 0.0.103 to 0.0.104
#409
dependabot[bot]
closed
1 month ago
0
Bump certifi from 2023.7.22 to 2024.7.4
#408
dependabot[bot]
closed
1 month ago
0
Remove duplicated sourcode findings
#407
sobregosodd
closed
1 month ago
0
Hotfix: No rules are ran by default
#406
sobregosodd
closed
1 month ago
0
Fix rules filtering
#405
sobregosodd
closed
1 month ago
0
Received unsupported operand type(s) for &: 'set' and 'tuple'%
#404
fjmnav-nudge
closed
1 month ago
4
Bump setuptools from 70.0.0 to 70.2.0
#403
dependabot[bot]
closed
2 months ago
0
Bump mypy from 1.10.0 to 1.10.1
#402
dependabot[bot]
closed
2 months ago
0
Adding support for running YARA as sourcecode rules
#401
sobregosodd
closed
1 month ago
0
Improve detection to avoid memory over-usage
#400
sobregosodd
closed
2 months ago
0
Bugfix: Input rules are not correctly set in analyzers
#399
sobregosodd
closed
2 months ago
0
Bump coverage from 7.5.3 to 7.5.4
#398
dependabot[bot]
closed
2 months ago
0
Next