Package-Inferno
A Public Package Scanner for The Community. Scan npm packages for supply chain threats.
git clone https://github.com/MHaggis/Package-Inferno.git && cd Package-Inferno && pip install -r requirements.txt
⚠ The Problem
Supply chain attacks via malicious npm packages are increasingly common. Defenders need tools to scan and analyze packages for suspicious behavior.
✓ The Solution
Package-Inferno scans npm packages for indicators of supply chain compromise, helping identify malicious packages before they cause damage.
⚡ Impact
Provides defenders with an open source tool for npm package security analysis.
Overview
Package-Inferno is a community package scanner focused on identifying supply chain threats in npm packages.
Scan your npm packages
Related Modules
NPM-Threat-Emulation
Helping defenders learn and validate npm supply-chain detections with safe atomic tests.
SDDLMaker
The home of the SDDLMaker. Parse, create, and understand SDDL strings.
ShellSweep
ShellSweeping the evil. PowerShell/Python/Lua tool to detect potential web shells using entropy analysis, machine learning, and YARA rules.