npm
Sign UpSign In

@stepsec/malware-simulator

0.0.3 • Public • Published

Malware-Simulator Package

To simulate behavior of past compromised packages, StepSecurity has created a package called @stepsec/malware-simulator. The simulator is NOT actual malware; the package just makes an outbound call to stepsec.github.io in a preinstall step

This package can be used by developers to:

  1. Understand how malicious packages make outbound calls as part of the install steps
  2. How the Harden-Runner GitHub Action can find this behavior (tutorial)
  3. Use as a test package for your applications – to check if defenses are working as expected

You can think of the @stepsec/malware-simulator being similar to the EICAR anti-virus simulator file, which is used as a test file for anti-virus software.

Readme

Keywords

none

Package Sidebar

Install

npm i @stepsec/malware-simulator

Repository

github.com/stepsec/supply-chain-goat

Homepage

github.com/stepsec/supply-chain-goat/tree/main/malware-simulator

Weekly Downloads

1

Version

0.0.3

License

Apache-2.0

Unpacked Size

2.35 kB

Total Files

6

Last publish

Collaborators

  • sulaiman-coder
Try on RunKit
Report malware