@lateos/npm-scan 0.11.4 → 0.11.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.de.md +2 -1
- package/README.fr.md +2 -1
- package/README.ja.md +2 -1
- package/README.md +2 -1
- package/README.zh.md +2 -1
- package/package.json +1 -1
package/README.de.md
CHANGED
|
@@ -38,7 +38,8 @@ Angreifer haben sich längst über einfaches Typosquatting hinausentwickelt. Sie
|
|
|
38
38
|
| Bekannte CVE-Übereinstimmung | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| Statische Analyse | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| Erkennung obfuskierter Payloads | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
|
|
|
41
|
+
| AST-Level heuristische Analyse | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| Runtime-Verhaltenssandbox | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| Erkennung bedingter Auslöser (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| Sandbox-Evasion-Erkennung (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| Transitive Wurmverbreitung (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
package/README.fr.md
CHANGED
|
@@ -38,7 +38,8 @@ Les attaquants ont dépassé le simple typosquatting. Ils livrent désormais des
|
|
|
38
38
|
| Correspondance CVE connus | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| Analyse statique | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| Détection de charges utiles obfusquées | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
| Analyse
|
|
41
|
+
| Analyse heuristique au niveau AST | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| Bac à sable comportemental runtime | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| Détection de déclencheurs conditionnels (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| Détection de contournement de sandbox (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| Propagation transitive de ver (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
package/README.ja.md
CHANGED
|
@@ -38,7 +38,8 @@
|
|
|
38
38
|
| 既知CVEマッチング | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| 静的解析 | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| 難読化ペイロード検出 | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
|
|
|
41
|
+
| ASTレベル、ヒューリスティック解析 | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| ランタイム行動サンドボックス | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| 条件付きトリガー検出 (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| サンドボックス回避検出 (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| 推移的ワーム伝播 (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
package/README.md
CHANGED
|
@@ -37,7 +37,8 @@ Attackers have moved past simple typosquatting. They now ship **obfuscated prein
|
|
|
37
37
|
| Known CVE matching | ✅ | ✅ | ❌ | ✅ |
|
|
38
38
|
| Static analysis | ❌ | ✅ | ✅ | ✅ |
|
|
39
39
|
| Obfuscated payload detection | ❌ | ❌ | ❌ | ✅ |
|
|
40
|
-
|
|
|
40
|
+
| AST-level heuristic analysis | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
+
| Runtime behavioral sandbox | ❌ | ❌ | ✅ | ✅ |
|
|
41
42
|
| Conditional trigger detection (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
42
43
|
| Sandbox evasion detection (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| Transitive worm propagation (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
package/README.zh.md
CHANGED
|
@@ -38,7 +38,8 @@
|
|
|
38
38
|
| 已知 CVE 匹配 | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| 静态分析 | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| 混淆载荷检测 | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
|
|
|
41
|
+
| AST 级启发式分析 | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| 运行时行为沙箱 | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| 条件触发器检测 (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| 沙箱逃逸检测 (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| 传递性蠕虫传播 (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lateos/npm-scan",
|
|
3
|
-
"version": "0.11.
|
|
3
|
+
"version": "0.11.5",
|
|
4
4
|
"description": "Modern npm supply chain security scanner — detects obfuscated payloads, credential stealers, conditional triggers, sandbox evasion, and worm-like propagation. 11 attack types, SBOM, NIST/EU CRA compliance reporting.",
|
|
5
5
|
"main": "backend/index.js",
|
|
6
6
|
"bin": {
|