Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Readme
pyJARM is a convenience library for the JARM fingerprinting tool. This library is based on the original python implementation here.
It requires python 3.7+.
pip install pyjarm
usage: jarm [-h] [-i INPUT] [-d] [-o OUTPUT] [-4] [-6] [-c [CONCURRENCY]]
[--proxy PROXY] [--proxy-auth PROXY_AUTH] [--proxy-insecure]
[--timeout TIMEOUT] [--suppress]
[scan]
Enter an IP address/domain and port to scan or supply an input file.
positional arguments:
scan Enter an IP or domain to scan.
optional arguments:
-h, --help show this help message and exit
-i INPUT, --input INPUT
Provide a list of IP addresses or domains to scan, one
domain or IP address per line. Ports can be specified
with a colon (ex. 8.8.8.8:8443)
-d, --debug [OPTIONAL] Debug mode: Displays additional debug
details
-o OUTPUT, --output OUTPUT
[OPTIONAL] Provide a filename to output/append results
to a CSV file.
-4, --ipv4only [OPTIONAL] Use only IPv4 connections (incompatible
with --ipv6only).
-6, --ipv6only [OPTIONAL] Use only IPv6 connections (incompatible
with --ipv4only).
-c [CONCURRENCY], --concurrency [CONCURRENCY]
[OPTIONAL] Number of concurrent connections (default
is 2).
--proxy PROXY [OPTIONAL] Use proxy (format
http[s]://user:pass@proxy:port). HTTPS_PROXY env
variable is used by default if this is not set. Set
this to 'ignore' to ignore HTTPS_PROXY and use no
proxy.
--proxy-auth PROXY_AUTH
[OPTIONAL] Send this header in Proxy-Authorization
(when using proxy).
--proxy-insecure [OPTIONAL] Do not verify SSL_CERTIFICATES (only when
HTTPS proxy is set).
--timeout TIMEOUT [OPTIONAL] Timeout to wait for connection attempts.
Default is 20 seconds
--suppress [OPTIONAL] Suppresses any exception or warning logging.
Example
$ pyjarm google.com
Target: google.com:443
JARM: 27d40d40d29d40d1dc42d43d00041d4689ee210389f4f6b4b5b1b93f92252d
from jarm.scanner.scanner import Scanner
print(Scanner.scan("google.com", 443))
('27d40d40d29d40d1dc42d43d00041d4689ee210389f4f6b4b5b1b93f92252d', 'google.com', 443)
import asyncio
from jarm.scanner.scanner import Scanner
print(asyncio.run(Scanner.scan_async("google.com", 443)))
('27d40d40d29d40d1dc42d43d00041d4689ee210389f4f6b4b5b1b93f92252d', 'google.com', 443)
FAQs
pyJarm is a convenience library for the JARM fingerprinting tool.
We found that pyjarm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.