Secure your dependencies. Ship with confidence.

This module is a straightforward Slowloris DoS tool. It intentionally opens and maintains many TCP connections and sends periodic partial headers to a target host to exhaust server resources. The code is not obfuscated and its malicious purpose is explicit. It should not be executed against systems without explicit authorization. Operational risks include legal exposure and local resource exhaustion. No signs of credential harvesting or stealthy backdoor behavior were found, but the package is nonetheless malicious in function.

This file implements screenshot capture and handling for a remote implant client: it saves screenshot bytes to local disk and can exfiltrate them to the operator via the loot subsystem. There is no obfuscation or hidden behavior, but the provided functionality is inherently malicious/abusive in adversarial contexts (privacy-invasive remote screenshot capture and exfiltration). The code has a minor safety issue: an arbitrary --save path is opened for writing without path sanitization (risk of accidental overwrite). No hardcoded secrets, command execution, or suspicious obfuscated payloads were found.

The supplied assembly embeds a heavily obfuscated runtime loader/unpacker that reads and decrypts embedded blobs, allocates executable native memory, copies payloads there, and creates delegates to execute them. These behaviors are not consistent with a benign Revit UI utility library and are classic indicators of a fileless loader/backdoor. This package should be treated as high risk and not used in production until fully audited and explained by the vendor.

High confidence malicious supply-chain loader behavior. Despite many business-service methods being stubbed in this fragment, the included obfuscated internal component performs anti-tamper checks, unpacks embedded resources, manipulates executable memory via P/Invoke, accesses/modifies /proc/self/mem, and executes the resulting payload through dynamically generated delegates/function pointers. Treat the package/assembly as unsafe and do not deploy without thorough sandboxing and full-assembly behavior verification.

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

This file contains definitively malicious code that performs remote code execution by fetching and executing a bash script from the suspicious domain concrete-arachnid-wildly[.]ngrok-free[.]app. The code uses child_process.exec to run a bash command with process substitution that downloads content via curl and immediately executes it without any validation or sanitization. The console log message explicitly indicates malicious intent with 'auditing using a malicious injection...'. This represents a critical supply chain attack vector that allows arbitrary code execution on the host system with the same privileges as the Node.js process. The use of an ephemeral ngrok domain suggests attacker-controlled infrastructure. This code poses an extremely high security risk and constitutes a severe backdoor mechanism.

Live on npm for 14 minutes before removal. Socket users were protected even while the package was live.

This script is malicious: it harvests sensitive information (files, environment variables, command outputs) from the host and exfiltrates it to an external service via HTTPS, with a DNS-based covert fallback. It should not be included in a trusted package or executed in CI/production environments. Remove and investigate any systems where it ran, rotate exposed credentials, and treat artifacts as compromised.

This fragment contains a critical remote code execution mechanism: it fetches source text from a server endpoint and executes it via (0, eval) in the browser. In addition, the client accepts server directives to set/delete cookies, inject server-provided HTML into the DOM, and dispatch server-controlled CustomEvents into the application. Any compromise or manipulation of the server, transport, or the /_pywire/source endpoint would translate into full client-side script execution and high impact. Immediate review/mitigation is warranted (remove eval, restrict the source-loading feature to trusted local assets, validate/allowlist responses, and harden transport/server integrity).

This module is strongly malicious: it orchestrates rogue wireless infrastructure (hostapd + dnsmasq) and a captive/phishing HTTP service that collects users’ passwords from HTTP POST submissions, stores them persistently to disk, and can optionally validate them against a WPA handshake using hashcat. Even with an “authorized lab” gate, the core capability is credential theft/phishing suitable for real-world abuse; it should not be used as a dependency in production or untrusted environments.

The source code is heavily obfuscated, making it difficult to determine its purpose or functionality. The lack of readable reports further complicates the analysis. Given the obfuscation, there is a potential risk that the code could be malicious, but without further analysis or deobfuscation, this cannot be confirmed.

Live on npm for 3 hours and 41 minutes before removal. Socket users were protected even while the package was live.

This bundle contains a clear malicious/undesirable conditional payload: for Russian locales/hosts it can disable page interactions and auto-play an external audio file after a timed condition stored in localStorage. That behavior is unrelated to the library's purpose and constitutes a supply-chain backdoor/defacement. The ZIP autofill AJAX behavior is expected but sends user ZIP codes to a configured remote service (privacy risk). Recommended action: treat the package as compromised, remove the malicious conditional block immediately, audit source repository and commit history for unauthorized changes, rotate any secrets if used in the project, and avoid using the affected package version until provenance and integrity are verified.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

This code collects user credentials and exfiltrates them to a hard-coded remote IP over unencrypted HTTP immediately after input. That behavior constitutes a high-risk credential-leak/exfiltration pattern and should be treated as malicious or at minimum extremely unsafe. Do not run this code in production or on machines with sensitive accounts. Replace with a secure, configurable authentication flow using HTTPS to trusted endpoints and avoid sending raw credentials.

High likelihood of malicious behavior. This module performs broad runtime API hooking (time/timers/network/fs/env/child_process/native addons), writes telemetry to a temp logfile, spoofs critical OS proc files (/proc/uptime and /proc/1/cgroup), and forces worker threads to load an additional module ('/opt/node_setup.js'). These are strong indicators of a stealthy backdoor/monitor or sabotage payload.

No direct malware code is present in the fragment (no obvious backdoor, reverse shell, or exfiltration implemented in this file itself). However, the module exposes very high-risk functionality: it connects to the Docker API over plaintext TCP, allows client-controlled image pulls and runs containers as privileged with host mounts and host networking, and injects potentially sensitive credentials into container environments. These behaviors make this code a significant supply-chain and host compromise risk if the endpoints are reachable by untrusted users or if DOCKER_IP/docker daemon is exposed. Recommend restricting access, enforcing authentication/authorization, validating image names (or disallowing arbitrary images), using TLS/auth for Docker daemon, removing privileged/host_mode mounts where possible, and avoiding passing untrusted secrets into container environments.

The analyzed code acts as a telemetry and analytics client that collects and exfiltrates potentially sensitive application and environment data to an external server and Telegram chat using hardcoded credentials. This behavior constitutes a serious privacy and security risk, effectively functioning as spyware or a backdoor. The code is not obfuscated but contains hardcoded secrets and lacks user consent mechanisms. It should be considered malicious or at least highly suspicious and avoided in secure environments.

This module appears to be a legitimate OSINT collection tool, not intentionally malicious. However it contains a critical security flaw: it uses eval() on the contents of scraped .md files (extract_md_data), which are derived from external websites via Firecrawl. That creates a direct remote-to-local arbitrary code execution vector. There are also weaker risks (unvalidated downloads, storing sensitive data and API responses on disk). Recommend removing eval, parsing structured data safely (json.loads or a controlled parser), validating inputs, and treating scraped content as untrusted. Do not run this script with elevated privileges or on hosts containing secrets until the eval usage is eliminated and other hardening is applied.

Live on pypi for 1 hour and 57 minutes before removal. Socket users were protected even while the package was live.

The code poses a significant security risk and should be reviewed. It is recommended to remove unnecessary imports, verify the contents of the data folder and the WordPress websites before proceeding, and avoid using hardcoded credentials for WordPress login.

Live on npm for 11 hours and 46 minutes before removal. Socket users were protected even while the package was live.

This module enables execution of arbitrary shell commands and file updates driven by external inputs (steps_json and user input). There are no explicit signs of spying/backdoors or obfuscated malware, but the use of subprocess.Popen(shell=True) with unvalidated command strings and file append operations means the code can be abused to achieve remote code execution, file tampering, and data leakage if fed untrusted inputs. Treat this component as high risk and ensure all inputs are trusted or validated (or avoid using shell=True and sanitize paths/commands).

Live on pypi for 5 days, 6 hours and 47 minutes before removal. Socket users were protected even while the package was live.

This module is explicitly designed to exploit a specific router model for remote command execution. It fingerprints the target via HTTP response headers, and if the expected service signature is found, it starts an interactive command loop. The execute() method directly injects attacker-supplied commands into a SOAP/XML payload using a $(cmd) substitution pattern and sends it to a UPnP/SOAP upgrade endpoint with router credentials. This constitutes high malicious capability and a strong supply-chain security risk if included in a broader project, even though the snippet itself is not obfuscated.

This module is an active exploit routine: it probes Netgear boardData CGI endpoints using an injected macAddress parameter, verifies potential code execution via a sleep-based timing side-channel, then performs remote command execution (including reading /etc/passwd) and prints the returned output. This is unequivocally offensive and represents a high security risk if present in a supply chain dependency.

This module performs host fingerprinting (identity, environment variables, OS/network/DNS details) and exfiltrates the collected data to a hardcoded operator-controlled domain using both DNS side-channel callbacks and direct HTTPS/HTTP POST requests (with an HTTP fallback). The presence of execSync-based reconnaissance and the explicit exfiltration/callback mechanisms indicate malicious intent rather than benign library functionality. Treat the package/module as dangerous and block/quarantine pending provenance verification.

This module is a straightforward Slowloris DoS tool. It intentionally opens and maintains many TCP connections and sends periodic partial headers to a target host to exhaust server resources. The code is not obfuscated and its malicious purpose is explicit. It should not be executed against systems without explicit authorization. Operational risks include legal exposure and local resource exhaustion. No signs of credential harvesting or stealthy backdoor behavior were found, but the package is nonetheless malicious in function.

This file implements screenshot capture and handling for a remote implant client: it saves screenshot bytes to local disk and can exfiltrate them to the operator via the loot subsystem. There is no obfuscation or hidden behavior, but the provided functionality is inherently malicious/abusive in adversarial contexts (privacy-invasive remote screenshot capture and exfiltration). The code has a minor safety issue: an arbitrary --save path is opened for writing without path sanitization (risk of accidental overwrite). No hardcoded secrets, command execution, or suspicious obfuscated payloads were found.

The supplied assembly embeds a heavily obfuscated runtime loader/unpacker that reads and decrypts embedded blobs, allocates executable native memory, copies payloads there, and creates delegates to execute them. These behaviors are not consistent with a benign Revit UI utility library and are classic indicators of a fileless loader/backdoor. This package should be treated as high risk and not used in production until fully audited and explained by the vendor.

High confidence malicious supply-chain loader behavior. Despite many business-service methods being stubbed in this fragment, the included obfuscated internal component performs anti-tamper checks, unpacks embedded resources, manipulates executable memory via P/Invoke, accesses/modifies /proc/self/mem, and executes the resulting payload through dynamically generated delegates/function pointers. Treat the package/assembly as unsafe and do not deploy without thorough sandboxing and full-assembly behavior verification.

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

This file contains definitively malicious code that performs remote code execution by fetching and executing a bash script from the suspicious domain concrete-arachnid-wildly[.]ngrok-free[.]app. The code uses child_process.exec to run a bash command with process substitution that downloads content via curl and immediately executes it without any validation or sanitization. The console log message explicitly indicates malicious intent with 'auditing using a malicious injection...'. This represents a critical supply chain attack vector that allows arbitrary code execution on the host system with the same privileges as the Node.js process. The use of an ephemeral ngrok domain suggests attacker-controlled infrastructure. This code poses an extremely high security risk and constitutes a severe backdoor mechanism.

Live on npm for 14 minutes before removal. Socket users were protected even while the package was live.

This script is malicious: it harvests sensitive information (files, environment variables, command outputs) from the host and exfiltrates it to an external service via HTTPS, with a DNS-based covert fallback. It should not be included in a trusted package or executed in CI/production environments. Remove and investigate any systems where it ran, rotate exposed credentials, and treat artifacts as compromised.

This fragment contains a critical remote code execution mechanism: it fetches source text from a server endpoint and executes it via (0, eval) in the browser. In addition, the client accepts server directives to set/delete cookies, inject server-provided HTML into the DOM, and dispatch server-controlled CustomEvents into the application. Any compromise or manipulation of the server, transport, or the /_pywire/source endpoint would translate into full client-side script execution and high impact. Immediate review/mitigation is warranted (remove eval, restrict the source-loading feature to trusted local assets, validate/allowlist responses, and harden transport/server integrity).

This module is strongly malicious: it orchestrates rogue wireless infrastructure (hostapd + dnsmasq) and a captive/phishing HTTP service that collects users’ passwords from HTTP POST submissions, stores them persistently to disk, and can optionally validate them against a WPA handshake using hashcat. Even with an “authorized lab” gate, the core capability is credential theft/phishing suitable for real-world abuse; it should not be used as a dependency in production or untrusted environments.

The source code is heavily obfuscated, making it difficult to determine its purpose or functionality. The lack of readable reports further complicates the analysis. Given the obfuscation, there is a potential risk that the code could be malicious, but without further analysis or deobfuscation, this cannot be confirmed.

Live on npm for 3 hours and 41 minutes before removal. Socket users were protected even while the package was live.

This bundle contains a clear malicious/undesirable conditional payload: for Russian locales/hosts it can disable page interactions and auto-play an external audio file after a timed condition stored in localStorage. That behavior is unrelated to the library's purpose and constitutes a supply-chain backdoor/defacement. The ZIP autofill AJAX behavior is expected but sends user ZIP codes to a configured remote service (privacy risk). Recommended action: treat the package as compromised, remove the malicious conditional block immediately, audit source repository and commit history for unauthorized changes, rotate any secrets if used in the project, and avoid using the affected package version until provenance and integrity are verified.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

This code collects user credentials and exfiltrates them to a hard-coded remote IP over unencrypted HTTP immediately after input. That behavior constitutes a high-risk credential-leak/exfiltration pattern and should be treated as malicious or at minimum extremely unsafe. Do not run this code in production or on machines with sensitive accounts. Replace with a secure, configurable authentication flow using HTTPS to trusted endpoints and avoid sending raw credentials.

High likelihood of malicious behavior. This module performs broad runtime API hooking (time/timers/network/fs/env/child_process/native addons), writes telemetry to a temp logfile, spoofs critical OS proc files (/proc/uptime and /proc/1/cgroup), and forces worker threads to load an additional module ('/opt/node_setup.js'). These are strong indicators of a stealthy backdoor/monitor or sabotage payload.

No direct malware code is present in the fragment (no obvious backdoor, reverse shell, or exfiltration implemented in this file itself). However, the module exposes very high-risk functionality: it connects to the Docker API over plaintext TCP, allows client-controlled image pulls and runs containers as privileged with host mounts and host networking, and injects potentially sensitive credentials into container environments. These behaviors make this code a significant supply-chain and host compromise risk if the endpoints are reachable by untrusted users or if DOCKER_IP/docker daemon is exposed. Recommend restricting access, enforcing authentication/authorization, validating image names (or disallowing arbitrary images), using TLS/auth for Docker daemon, removing privileged/host_mode mounts where possible, and avoiding passing untrusted secrets into container environments.

The analyzed code acts as a telemetry and analytics client that collects and exfiltrates potentially sensitive application and environment data to an external server and Telegram chat using hardcoded credentials. This behavior constitutes a serious privacy and security risk, effectively functioning as spyware or a backdoor. The code is not obfuscated but contains hardcoded secrets and lacks user consent mechanisms. It should be considered malicious or at least highly suspicious and avoided in secure environments.

This module appears to be a legitimate OSINT collection tool, not intentionally malicious. However it contains a critical security flaw: it uses eval() on the contents of scraped .md files (extract_md_data), which are derived from external websites via Firecrawl. That creates a direct remote-to-local arbitrary code execution vector. There are also weaker risks (unvalidated downloads, storing sensitive data and API responses on disk). Recommend removing eval, parsing structured data safely (json.loads or a controlled parser), validating inputs, and treating scraped content as untrusted. Do not run this script with elevated privileges or on hosts containing secrets until the eval usage is eliminated and other hardening is applied.

Live on pypi for 1 hour and 57 minutes before removal. Socket users were protected even while the package was live.

The code poses a significant security risk and should be reviewed. It is recommended to remove unnecessary imports, verify the contents of the data folder and the WordPress websites before proceeding, and avoid using hardcoded credentials for WordPress login.

Live on npm for 11 hours and 46 minutes before removal. Socket users were protected even while the package was live.

This module enables execution of arbitrary shell commands and file updates driven by external inputs (steps_json and user input). There are no explicit signs of spying/backdoors or obfuscated malware, but the use of subprocess.Popen(shell=True) with unvalidated command strings and file append operations means the code can be abused to achieve remote code execution, file tampering, and data leakage if fed untrusted inputs. Treat this component as high risk and ensure all inputs are trusted or validated (or avoid using shell=True and sanitize paths/commands).

Live on pypi for 5 days, 6 hours and 47 minutes before removal. Socket users were protected even while the package was live.

This module is explicitly designed to exploit a specific router model for remote command execution. It fingerprints the target via HTTP response headers, and if the expected service signature is found, it starts an interactive command loop. The execute() method directly injects attacker-supplied commands into a SOAP/XML payload using a $(cmd) substitution pattern and sends it to a UPnP/SOAP upgrade endpoint with router credentials. This constitutes high malicious capability and a strong supply-chain security risk if included in a broader project, even though the snippet itself is not obfuscated.

This module is an active exploit routine: it probes Netgear boardData CGI endpoints using an injected macAddress parameter, verifies potential code execution via a sleep-based timing side-channel, then performs remote command execution (including reading /etc/passwd) and prints the returned output. This is unequivocally offensive and represents a high security risk if present in a supply chain dependency.

This module performs host fingerprinting (identity, environment variables, OS/network/DNS details) and exfiltrates the collected data to a hardcoded operator-controlled domain using both DNS side-channel callbacks and direct HTTPS/HTTP POST requests (with an HTTP fallback). The presence of execSync-based reconnaissance and the explicit exfiltration/callback mechanisms indicate malicious intent rather than benign library functionality. Treat the package/module as dangerous and block/quarantine pending provenance verification.