UNPKG

@mathiscode/codebase-scanner

Version:

Scan a codebase for malware signatures

github.com/mathiscode/codebase-scanner

mathiscode/codebase-scanner

100 lines (86 loc) 2.51 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
export default [ { name: 'Obfuscated Javascript (Base64 "platform")', signature: 'cGxhdGZvcm0', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Obfuscated Javascript (Base64 "eval")', signature: 'ZXZhbAo=', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Obfuscated Javascript (Base64 "team15")', signature: 'dGVhbTE1', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Obfuscated Javascript (Buffered "child_process")', signature: 'FhwPVBErFkoaFwNLBg', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Obfuscated Javascript (Buffered "Local State")', signature: 'ORsFWRlUNUwUAAM', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Obfuscated Javascript (Hex Functions)', signature: 'function(_0x', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Obfuscated Javascript (Function Constructor)', signature: 'new Function(', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Eval', signature: 'eval(', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'warning' }, { name: 'Evaluated Response (res)', signature: 'eval(res', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Evaluated Response (err)', signature: 'eval(err', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Malicious Endpoint (Fake Alchemy API)', signature: 'alchemy-api-v3.cloud', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Escaped Unicode', signature: '\\u0', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'warning' }, { name: 'Reassigned Eval', signature: '=eval', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' }, { name: 'Reassigned Eval', signature: '= eval', extensions: ['js', 'mjs', 'cjs', 'ts', 'mts', 'cts', 'jsx', 'tsx'], level: 'malicious' } ]