Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
bugger-daemon
Advanced tools
Main point of communication/integration between the many moving parts of bugger.
--------------------------- Chrome ---------------------------
| | | |
| DevTools A | DevTools B | bugger.crx |
| | | | | | |
---------|--------------------|--------------------|----------
| | |
| (I) | (I) | (II)
| | |
---------|---------------- buggerd ----------------|----------
| V | V | V |
| Domain Agents A | Domain Agents B | Meta HTTP API |
| | | \ | Δ |
--------|----------------------------\-------------|----------
| \ |
| (III) | (III) |
| _________________|__________/| (II)*
V / V |
------- A.js ---/--- ------- B.js -|------
| / | | | |
| Instrumentation | | Instrumentation |
| | | |
-------------------- ---------------------
(I) Chrome Remote Debugging Protocol // websocket
https://developers.google.com/chrome-developer-tools/docs/protocol/1.0/
(II) REST API for basic meta data about debugged processes (see below)
(II)* The instrumentation code may also communicate directly with the domain
agents if necessary.
(III) v8 debugger protocol
https://code.google.com/p/v8/wiki/DebuggerProtocol
Array with all known processes. See next section for schema.
Get information about a process with a given PID. Will only work if the process was instrumented previously. Data will look like this:
{
"title": "some_script.js param1 --num=10",
"script": "some_script.js",
"params": [ "param1", "--num=10" ],
"pid": 70491,
"pwd": "/home/jdoe/workspace/tools",
"websocket": "/processes/70491"
}
Unregister a process.
Used by instrumentation to register a new process. It expects JSON data in the body that looks like the one shown in the GET request, only without title.
Websocket that the devtools can connect to. If buggerd is running at http://127.0.0.1:8058 (which is the default), then the proper devtools url for a process with PID 70491 would be:
chrome-devtools://devtools/devtools.html?ws=127.0.0.1:8058/processes/70491&toolbarColor=rgba(230,230,230,1)&textColor=rgba(0,0,0,1)
Get the content of a source map.
FAQs
buggerd sources
The npm package bugger-daemon receives a total of 0 weekly downloads. As such, bugger-daemon popularity was classified as not popular.
We found that bugger-daemon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.