typosquatting 0.1.0

data/lib/typosquatting/sbom.rb

@@ -0,0 +1,98 @@
+# frozen_string_literal: true
+
+require "sbom"
+require "purl"
+
+module Typosquatting
+  class SBOMChecker
+    attr_reader :sbom
+
+    def initialize(file_path)
+      @sbom = Sbom::Parser.new.parse_file(file_path)
+    end
+
+    def check
+      results = []
+
+      sbom.packages.each do |pkg|
+        purl_string = extract_purl(pkg)
+        next unless purl_string
+
+        begin
+          purl = Purl.parse(purl_string)
+        rescue StandardError
+          next
+        end
+
+        begin
+          ecosystem = Ecosystems::Base.get(purl.type)
+        rescue ArgumentError
+          next
+        end
+
+        package_name = purl.namespace ? "#{purl.namespace}/#{purl.name}" : purl.name
+        suspicions = find_typosquat_matches(package_name, ecosystem)
+        next if suspicions.empty?
+
+        results << SBOMResult.new(
+          name: package_name,
+          version: purl.version,
+          ecosystem: purl.type,
+          purl: purl_string,
+          suspicions: suspicions
+        )
+      end
+
+      results
+    end
+
+    SBOMResult = Struct.new(:name, :version, :ecosystem, :purl, :suspicions, keyword_init: true) do
+      def to_h
+        {
+          name: name,
+          version: version,
+          ecosystem: ecosystem,
+          purl: purl,
+          similar_to: suspicions.map(&:to_h)
+        }
+      end
+    end
+
+    Suspicion = Struct.new(:name, :algorithm, :registries, keyword_init: true) do
+      def to_h
+        {
+          name: name,
+          algorithm: algorithm,
+          registries: registries
+        }
+      end
+    end
+
+    def extract_purl(package)
+      refs = package[:external_references] || []
+      purl_ref = refs.find { |r| r[1] == "purl" }
+      purl_ref&.[](2)
+    end
+
+    def find_typosquat_matches(package_name, ecosystem)
+      generator = Generator.new(ecosystem: ecosystem)
+      lookup = Lookup.new(ecosystem: ecosystem)
+
+      variants = generator.generate(package_name)
+      suspicions = []
+
+      variants.each do |variant|
+        result = lookup.check(variant.name)
+        next unless result.exists?
+
+        suspicions << Suspicion.new(
+          name: variant.name,
+          algorithm: variant.algorithm,
+          registries: result.registries
+        )
+      end
+
+      suspicions
+    end
+  end
+end

data/lib/typosquatting/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Typosquatting
+  VERSION = "0.1.0"
+end

data/lib/typosquatting.rb

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+require_relative "typosquatting/version"
+
+require_relative "typosquatting/algorithms/base"
+require_relative "typosquatting/algorithms/omission"
+require_relative "typosquatting/algorithms/repetition"
+require_relative "typosquatting/algorithms/replacement"
+require_relative "typosquatting/algorithms/transposition"
+require_relative "typosquatting/algorithms/addition"
+require_relative "typosquatting/algorithms/homoglyph"
+require_relative "typosquatting/algorithms/vowel_swap"
+require_relative "typosquatting/algorithms/delimiter"
+require_relative "typosquatting/algorithms/word_order"
+require_relative "typosquatting/algorithms/plural"
+require_relative "typosquatting/algorithms/misspelling"
+require_relative "typosquatting/algorithms/numeral"
+
+require_relative "typosquatting/ecosystems/base"
+require_relative "typosquatting/ecosystems/pypi"
+require_relative "typosquatting/ecosystems/npm"
+require_relative "typosquatting/ecosystems/rubygems"
+require_relative "typosquatting/ecosystems/cargo"
+require_relative "typosquatting/ecosystems/golang"
+require_relative "typosquatting/ecosystems/maven"
+require_relative "typosquatting/ecosystems/nuget"
+require_relative "typosquatting/ecosystems/composer"
+require_relative "typosquatting/ecosystems/hex"
+require_relative "typosquatting/ecosystems/pub"
+
+require_relative "typosquatting/generator"
+require_relative "typosquatting/lookup"
+require_relative "typosquatting/confusion"
+require_relative "typosquatting/sbom"
+require_relative "typosquatting/cli"
+
+module Typosquatting
+  class Error < StandardError; end
+
+  class << self
+    def generate(package_name, ecosystem:)
+      generator = Generator.new(ecosystem: ecosystem)
+      generator.generate(package_name).map(&:name)
+    end
+
+    def generate_with_algorithms(package_name, ecosystem:)
+      generator = Generator.new(ecosystem: ecosystem)
+      generator.generate(package_name)
+    end
+
+    def check(package_name, ecosystem:)
+      generator = Generator.new(ecosystem: ecosystem)
+      variants = generator.generate(package_name)
+
+      lookup = Lookup.new(ecosystem: ecosystem)
+      variants.map do |variant|
+        result = lookup.check(variant.name)
+        CheckResult.new(
+          name: variant.name,
+          algorithm: variant.algorithm,
+          exists: result.exists?,
+          registries: result.packages.map { |p| RegistryInfo.new(p.dig("registry", "name"), p.dig("registry", "url")) }
+        )
+      end
+    end
+
+    def check_confusion(package_name, ecosystem:)
+      confusion = Confusion.new(ecosystem: ecosystem)
+      confusion.check(package_name)
+    end
+  end
+
+  CheckResult = Struct.new(:name, :algorithm, :exists, :registries, keyword_init: true) do
+    def exists?
+      exists
+    end
+
+    def to_h
+      {
+        name: name,
+        algorithm: algorithm,
+        exists: exists?,
+        registries: registries.map(&:to_h)
+      }
+    end
+  end
+
+  RegistryInfo = Struct.new(:name, :url) do
+    def to_h
+      { name: name, url: url }
+    end
+  end
+
+  module Ecosystem
+    def self.get(name)
+      Ecosystems::Base.get(name)
+    end
+
+    def self.all
+      Ecosystems::Base.all
+    end
+  end
+end

data/sig/typosquatting.rbs

@@ -0,0 +1,4 @@
+module Typosquatting
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

metadata

@@ -0,0 +1,114 @@
+--- !ruby/object:Gem::Specification
+name: typosquatting
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Andrew Nesbitt
+bindir: exe
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: sbom
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: purl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+description: Generate typosquat variants of package names and check if they exist
+  on package registries. Supports PyPI, npm, RubyGems, Cargo, Go, Maven, NuGet, Composer,
+  Hex, and Pub.
+email:
+- andrewnez@gmail.com
+executables:
+- typosquatting
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- CODE_OF_CONDUCT.md
+- LICENSE
+- README.md
+- Rakefile
+- exe/typosquatting
+- lib/typosquatting.rb
+- lib/typosquatting/algorithms/addition.rb
+- lib/typosquatting/algorithms/base.rb
+- lib/typosquatting/algorithms/delimiter.rb
+- lib/typosquatting/algorithms/homoglyph.rb
+- lib/typosquatting/algorithms/misspelling.rb
+- lib/typosquatting/algorithms/numeral.rb
+- lib/typosquatting/algorithms/omission.rb
+- lib/typosquatting/algorithms/plural.rb
+- lib/typosquatting/algorithms/repetition.rb
+- lib/typosquatting/algorithms/replacement.rb
+- lib/typosquatting/algorithms/transposition.rb
+- lib/typosquatting/algorithms/vowel_swap.rb
+- lib/typosquatting/algorithms/word_order.rb
+- lib/typosquatting/cli.rb
+- lib/typosquatting/confusion.rb
+- lib/typosquatting/ecosystems/base.rb
+- lib/typosquatting/ecosystems/cargo.rb
+- lib/typosquatting/ecosystems/composer.rb
+- lib/typosquatting/ecosystems/golang.rb
+- lib/typosquatting/ecosystems/hex.rb
+- lib/typosquatting/ecosystems/maven.rb
+- lib/typosquatting/ecosystems/npm.rb
+- lib/typosquatting/ecosystems/nuget.rb
+- lib/typosquatting/ecosystems/pub.rb
+- lib/typosquatting/ecosystems/pypi.rb
+- lib/typosquatting/ecosystems/rubygems.rb
+- lib/typosquatting/generator.rb
+- lib/typosquatting/lookup.rb
+- lib/typosquatting/sbom.rb
+- lib/typosquatting/version.rb
+- sig/typosquatting.rbs
+homepage: https://github.com/andrew/typosquatting
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/andrew/typosquatting
+  source_code_uri: https://github.com/andrew/typosquatting
+  changelog_uri: https://github.com/andrew/typosquatting/blob/main/CHANGELOG.md
+  rubygems_mfa_required: 'true'
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.2.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 4.0.1
+specification_version: 4
+summary: Detect potential typosquatting packages across package ecosystems
+test_files: []