Table of Contents

Introduction

This project analyzes open source projects for malware.

Due to high demand from the community, we decided to open source the code as it is now, to allow collaboration. The majority of the code was last updated in May 2019, which means that some components may no longer work, especially the components that depend on external tools (e.g. Sysdig, Airflow) or APIs (e.g. Npm).

We are actively working on testing and improvements. Please find the todo list here. For how to run commands, please refer to the howto section. For how to deploy on machines, please refer to the deploy instructions. For how to request access to the supply chain attack samples, please refer to the request instructions.

This repository is open sourced under the MIT license. If you find this repository helpful, please cite our paper:

@inproceedings{duan2021measuring,
  title={Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages},
  author={Duan, Ruian and Alrawi, Omar and Kasturi, Ranjita Pai and Elder, Ryan and Saltaformaggio, Brendan and Lee, Wenke},
  booktitle = {28th Annual Network and Distributed System Security Symposium, {NDSS}},
  month     = Feb,
  year      = {2021},
  url       = {https://www.ndss-symposium.org/wp-content/uploads/ndss2021_1B-1_23055_paper.pdf}
}

Prerequisite

Basics

Dependencies

Development

Structure

Instructions

HowTo

select_pm

select_pkg

crawl

edit_dist

download

get_versions

get_author

get_dep

get_stats

build_dep

build_author

split_graph

install

astgen

astfilter

taint

filter_pkg

static

dynamic

interpret_trace

compare_ast

filter_versions

compare_hash

interpret_result

grep_pkg

speedup

Tool

Internet-wide scanning

Statistics for different package managers

Static analysis tools for different languages

AST parsers for different languages

Resource

Reference