Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
- Maintainers
- 1
======================== PyAMS HTTP proxy package
.. contents::
What is PyAMS?
PyAMS (Pyramid Application Management Suite) is a small suite of packages written for applications and content management with the Pyramid framework.
PyAMS is actually mainly used to manage web sites through content management applications (CMS, see PyAMS_content package), but many features are generic and can be used inside any kind of web application.
All PyAMS documentation is available on ReadTheDocs <https://pyams.readthedocs.io>; source code
is available on Gitlab <https://gitlab.com/pyams> and pushed to Github <https://github.com/py-ams>_. Doctests are available in the doctests source folder.
What is PyAMS HTTP proxy?
PyAMS HTTP proxy is a small package which can be used to create an application proxy.
This package is using AsyncIO with Starlette and is not supposed to be used with Pyramid, but with another ASGI compatible server like GUnicorn.
The package is based on plug-ins which can be used to handle different tasks; very few plug-ins are actually available, to handle tasks like logging, Elasticsearch requests indexing or JSON body rewrites...
Changelog
1.7.1
- corrected includes handler
1.7.0
- added support for "includes" config option, to update initial configuration with other files or directories contents
1.6.0
- updated Elasticsearch client settings
- reuse current HTTP client instead of creating a new one in lifespan handler
1.5.0
- added Elasticsearch APM support
- updated Elasticsearch logger to handle all transport exceptions
- updated HTTPx package API
1.4.0
- updated Elasticsearch logger to be able to update incoming request payload before indexing; this is actually used to obfuscate elements from JSON body...
- added tests in proxy to only decode bytes
1.3.3
- updated proxy headers getter to handle requests and response correctly
1.3.2
- updated proxy URL getter to handle null remotes used for service monitoring
1.3.1
- updated request headers plug-in configuration name
1.3.0
- added headers filter plug-in, to add or remove headers from incoming request
- improved support for plug-ins handling request headers
1.2.0
- added "context extension" by providing a "++ext++" URL path element; this allows to access several contexts with a same base URL
1.1.0
- added monitoring plug-in
1.0.3
- small update in JSON configuration file format
1.0.2
- Gitlab-CI update
1.0.1
- removed reference to Pyramid in doctests
1.0.0
- initial release
Keywords
FAQs
PyAMS HTTP proxy
We found that pyams-http-proxy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025