Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Command line interface for HTTP requests defined in yaml configuration file.
pip install adz
Having a yaml configuration file
endpoints:
endpoint:
request: GET https://httpbin.org/get
headers:
Content-Type: application/json
and running on command line
adz endpoint
will execute endpoint
request defined in configuration file and print
GET https://httpbin.org/get
HTTP/1.1 200 OK
• access-control-allow-credentials: true
• access-control-allow-origin: *
• content-encoding: gzip
• content-type: application/json
• date: Thu, 06 Jun 2019 06:06:06 GMT
• referrer-policy: no-referrer-when-downgrade
• server: nginx
• x-content-type-options: nosniff
• x-frame-options: DENY
• x-xss-protection: 1; mode=block
• content-length: 204
• connection: keep-alive
{
"args": {},
"headers": {
"Accept": "*/*",
"Accept-Encoding": "gzip, deflate",
"Content-Type": "application/json",
"Host": "httpbin.org",
"User-Agent": "python-httpx/0.7.1"
},
"url": "https://httpbin.org/get"
}
For an example configuration look at docs/example.yml.
bool
, default: true
bool
, default: true
str
, default native
variable: abc
applied on url: http://example.org/$variable
results in http://example.org/abc
file://
is opened as file and loaded as string into variablemethod url
e.g. get http://example.org
file://
is loaded as json filefile://
is loaded as json filepath/to/file.txt
filename: path/to/file.txt
adz.yaml
or adz.yml
api.yaml
or api.yml
rest.yaml
or rest.yml
.
~/
.adz
directory in user's home e.g. ~/.adz/
Configuration file path can also be set using environmental variable ADZ
.
Run adz -h
adz --config
, adz -c
adz --details <endpoint>
, adz -d <endpoint>
adz --list
, adz -l
adz --output
, adz -o
adz --settings
, adz -s
adz --var name=value
, adz -v name=value
adz --colors
, adz --no-colors
adz --response
, adz --no-response
ADZ is licensed under a three clause BSD License. Full license text can be found here.
FAQs
Command line interface for HTTP requests defined in yaml configuration file
We found that adz demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.