Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Fastshot is a GenAI powered screenshot and annotation tool designed to optimize your workflow. Ideal for students, developers, researchers, and operations professionals, Fastshot enhances multitasking by providing seamless, efficient tools to capture, pin, annotate, and analyze screen content.
With its "pin on top" feature, Fastshot allows users to keep screenshots easily accessible while enabling smooth zooming, moving, annotation, and copying for multi-system comparisons. The built-in OCR tool enables quick extraction of text from any part of the screen, further streamlining your workflow.
Additionally, Fastshot’s GenAI-powered assistant offers advanced analysis and summarization of screen content, allowing users to extract information and ask questions with ease, significantly boosting productivity.
The tool also includes a Screen Pen feature, window pinning capabilities, and customizable window opacity adjustments—perfect for managing complex workflows across multiple windows and tasks.
You can install Fastshot from PyPI:
pip install fastshot
Once installed, you can start Fastshot from the command line:
fastshot
setx OPENAI_TOKEN "sk-kK"
setx OPENAI_MM_URL "https://xxx"
setx OPENAI_CHATGPT_URL "https://xxx"
setx HEAD_TOKEN_KEY "Authorization"
setx OPENAI_TOKEN_URL ""
setx OPENAI_USER_NAME ""
setx OPENAI_PASSWORD ""
setx OPENAI_APPLICATION_ID ""
setx OPENAI_APPLICATION_NAME ""
setx OPENAI_MM_URL "https://xxx"
setx OPENAI_CHATGPT_URL "https://xxx"
setx HEAD_TOKEN_KEY "Authorization"
setx OPENAI_HEALTH_URL ""
Customize your experience with configurable shortcuts. Most operations require only a single hotkey, minimizing the need for repetitive touch points.
[Shortcuts]
hotkey_snip = <shift>+a+s
hotkey_paint = <ctrl>+p
hotkey_text = <ctrl>+t
hotkey_screenpen_toggle = <ctrl>+<cmd>+<alt>
hotkey_undo = <ctrl>+z
hotkey_redo = <ctrl>+y
hotkey_screenpen_exit = <esc>
hotkey_screenpen_clear_hide = <ctrl>+<esc>
hotkey_topmost_on = <esc>+`
hotkey_topmost_off = <cmd>+<shift>+\
hotkey_opacity_down = <left>+<right>+<down>
hotkey_opacity_up = <left>+<right>+<up>
[ScreenPen]
enable_screenpen = True
pen_color = red
pen_width = 3
git clone https://github.com/jimeverest/fastshot.git
cd fastshot
pip install -r requirements.txt
You can run the tests using:
pytest tests/
We welcome contributions from the community! Please read our Contributing Guide to learn how you can help improve Fastshot.
Fastshot is released under the MIT License.
Fastshot is designed to seamlessly integrate into your workflow without altering your existing systems or data structures. Here's how it helps:
By providing powerful tools for capturing, annotating, and sharing screen content, Fastshot is an indispensable asset for anyone who requires efficient multitasking capabilities in their daily activities.
The plugin system in Fastshot is designed to be simple yet powerful, enabling developers to add custom functionalities without modifying the core application code. Plugins are Python modules that adhere to a specific interface, allowing the main application to load, manage, and execute them seamlessly.
A plugin can be a single Python file placed directly in the plugins directory or a package (folder with an init.py file) if it requires multiple modules or resources.
Each plugin must define a get_plugin_info() function that returns a dictionary with the following keys:
Each plugin must implement a run(app_context) function, which is the entry point when the plugin is activated. The app_context parameter provides access to the main application and allows the plugin to interact with it.
Follow these steps to create a plugin for Fastshot.
Navigate to the plugins directory in the Fastshot application. Create a new Python file for your plugin (e.g., my_plugin.py).
In your plugin file, define the get_plugin_info() function:
def get_plugin_info():
"""Returns metadata about the plugin."""
return {
'name': 'My Plugin',
'id': 'my_plugin',
'description': 'A plugin that does something useful.',
'author': 'Your Name',
'version': '1.0',
'default_shortcut': 'alt',
'press_times': 3,
'enabled': True
}
Note: Adjust the default_shortcut and press_times to suit your plugin's activation method.
Implement the run(app_context) function, which contains the code to be executed when the plugin is activated:
def run(app_context):
"""The main function that gets called when the plugin is activated."""
# Your plugin code here
print("My Plugin has been activated!")
Example: You might display a message box, manipulate application data, or perform any desired action.
If your plugin needs to interact with the main application, use the app_context parameter:
def run(app_context):
"""The main function that gets called when the plugin is activated."""
# Access application attributes or methods
app_context.some_method()
Note: Refer to the application documentation for available methods and attributes.
Start the Fastshot application. Activate the plugin by pressing the specified shortcut key the required number of times within one second. Verify that the plugin behaves as expected.
Below is an example of a simple plugin that displays a "Hello, World!" message when activated.
# plugins/plugin_hello_world.py
import tkinter as tk
from tkinter import messagebox
def get_plugin_info():
"""Returns metadata about the plugin."""
return {
'name': 'Hello World Plugin',
'id': 'plugin_hello_world',
'description': 'Displays a Hello World message.',
'author': 'Your Name',
'version': '1.0',
'default_shortcut': 'alt',
'press_times': 3,
'enabled': True
}
def run(app_context):
"""The main function that gets called when the plugin is activated."""
root = tk.Tk()
root.withdraw()
messagebox.showinfo("Hello Plugin", "Hello, World!")
root.destroy()
Activation: Press the Alt key three times within one second to activate this plugin.
Default Shortcuts: Plugins specify default shortcuts in their metadata. User Configuration: In future versions, users will be able to modify plugin settings (e.g., shortcuts, enable/disable) through the application's web portal or configuration files. Conflict Avoidance: Ensure your plugin's shortcut doesn't conflict with existing shortcuts.
Unique IDs: Assign a unique id to your plugin to prevent conflicts. Error Handling: Include try-except blocks in your plugin code to handle exceptions gracefully. Minimal Impact: Ensure your plugin doesn't negatively impact the application's performance or stability. Documentation: Comment your code and provide clear explanations of your plugin's functionality. Security: Avoid executing untrusted code and be cautious with file and network operations.
Trust: Only use plugins from trusted sources to prevent security risks. Sandboxing: Currently, plugins run with the same permissions as the main application. Be mindful of this when developing plugins. Validation: Future versions may include security enhancements, such as plugin signing or sandboxing mechanisms.
Share Your Plugin: If you've developed a plugin that could benefit others, consider contributing it to the project. Contribution Guidelines: Follow the project's contribution guidelines for submitting plugins. Collaboration: Engage with the community to improve and expand plugin functionalities.
FAQs
A versatile screen capturing tool with annotation and OCR features
We found that fastshot demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.