
Research
NPM targeted by malware campaign mimicking familiar library names
Socket uncovered npm malware campaign mimicking popular Node.js libraries and packages from other ecosystems; packages steal data and execute remote code.
@minescope/mineping
Advanced tools
This JavaScript library provides an implementation of the Minecraft server ping protocol. It allows you to gather information about a Minecraft server, such as the MOTD, current online players, server icon (Java Edition only), and more.
Mirror on my Git
Node.js 14 or newer is required
To install mineping
, simply run the following command:
npm i @minescope/mineping
If you are using ES Modules, you can import the library like this:
import { pingJava, pingBedrock } from '@minescope/mineping';
mineping
is an ESM-only module — you are not able to import it with require()
.
If you cannot switch to ESM, you can use the async import()
function from CommonJS to load mineping
asynchronously:
const pingJava = (...args) => import('@minescope/mineping').then(module => module.pingJava(...args));
const pingBedrock = (...args) => import('@minescope/mineping').then(module => module.pingBedrock(...args));
Ping a Java server with default options:
import { pingJava } from '@minescope/mineping';
const data = await pingJava('mc.hypixel.net');
console.log(data);
Ping a Bedrock server with custom options:
import { pingBedrock } from '@minescope/mineping';
const data = await pingBedrock('mco.mineplex.com', {
port: 19132,
timeout: 500
});
console.log(data);
More complex example can be found in the
example
folder!
Special thanks to the following projects:
FAQs
Ping both Minecraft Bedrock and Java servers.
The npm package @minescope/mineping receives a total of 10 weekly downloads. As such, @minescope/mineping popularity was classified as not popular.
We found that @minescope/mineping demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovered npm malware campaign mimicking popular Node.js libraries and packages from other ecosystems; packages steal data and execute remote code.
Research
Socket's research uncovers three dangerous Go modules that contain obfuscated disk-wiping malware, threatening complete data loss.
Research
Socket uncovers malicious packages on PyPI using Gmail's SMTP protocol for command and control (C2) to exfiltrate data and execute commands.