DataDog / guarddog

:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages
https://securitylabs.datadoghq.com/articles/guarddog-identify-malicious-pypi-packages/
Apache License 2.0
629 stars 44 forks source link

Add detection for Python sqlite3 data exfiltration #420

Closed ikretz closed 4 months ago

ikretz commented 4 months ago

This PR extends the exfiltrate-sensitive-data rule with a detection for data exfiltration using sqlite3, based on samples observed in the wild.

Closes #232

datadog-datadog-prod-us1[bot] commented 4 months ago

Library Vulnerabilities

:white_check_mark: No library vulnerabilities found (scanned c2cf5b1).