
Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
As a developer or admin, I saw a user arrive at the registration page with certain parameters, and I saw the user click "Connect".
What might the user have done?
This is a common question developers have while debugging an issue: going through the logs, looking for a particular log statement or request parameter, and after an hour concluding that the user must have done this or that. Saw saves that hour spent debugging and answering the question "What might the user have done?"
It is one more simple way to track what a user is doing.
Add this line to your application's Gemfile:
gem 'saw'
And then execute:
$ bundle install
Or install it yourself as:
$ gem install saw
Then run the installer generator:
$ rails generate saw install
and migrate the database:
$ rake db:migrate
Usage
Record every request handled by a controller with a filter:
before_filter :saw
Or record a specific event, with optional extra data:
saw 'visiting details page', { :extra => 'something' }
Or record client-side actions from your views:
# in views
<button id="button-retry" onclick="open_pop_up_form();" class="mybutton medium green">
Connect to your Device
</button>
<script type="text/javascript">
function open_pop_up_form(){
  // record the click as a hit on the current visit
  $.post("/visits", { doing: "clicked on 'Connect to your Device' " } );
  // .... open the pop-up form here
}
</script>
Access a user's visits and their hits as:
visit = @user.visits.sample
visit.user_agent
visit.remote_host
visit.hits.map(&:note)
visit.lasts # => 00:12:45
visit.title # => 00:12:45 on Apr 14, 2013
visit.summary
hit = visit.hits.sample
hit.note
hit.url
hit.http_method
hit.action
hit.json_data
hit.created_at
A visit is not a single request made to the server but a session. Similarly, a hit is not necessarily a single request to the server.
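As an added example (not the gem's own code), the following Ruby reconstructs a visit's timeline from hits shaped like those above and sanitizes the free-text note posted from the browser before it is stored. Hit, Visit and the sample visit are constructed stand-ins, and the duration and title formats follow the README output shown above.

```ruby
# Constructed stand-ins for saw's Visit and Hit models (not the gem's classes).
Hit   = Struct.new(:note, :url, :http_method, :action, :json_data, :created_at)
Visit = Struct.new(:user_agent, :remote_host, :hits)

MAX_NOTE_LENGTH = 140

# The `doing` text posted from the browser is untrusted: collapse control
# characters (newlines could forge extra entries in a log-style view) and cap
# the length before storing it. Returns nil for blank or non-string input.
def sanitize_note(raw)
  return nil unless raw.is_a?(String)
  cleaned = raw.gsub(/[[:cntrl:]]+/, ' ').strip
  cleaned.empty? ? nil : cleaned[0, MAX_NOTE_LENGTH]
end

# Duration of a visit as HH:MM:SS, measured from its first to its last hit
# (assumption: this is how visit.lasts in the README is derived).
def visit_lasts(visit)
  times = visit.hits.map(&:created_at)
  seconds = (times.max - times.min).to_i
  format('%02d:%02d:%02d', seconds / 3600, (seconds % 3600) / 60, seconds % 60)
end

# Title in the README's "00:12:45 on Apr 14, 2013" form.
def visit_title(visit)
  "#{visit_lasts(visit)} on #{visit.hits.map(&:created_at).min.strftime('%b %d, %Y')}"
end

# Chronological reconstruction of what the user did during the visit.
def visit_timeline(visit)
  visit.hits.sort_by(&:created_at).map do |h|
    line = "#{h.created_at.strftime('%H:%M:%S')} #{h.http_method} #{h.url}"
    h.note ? "#{line} (#{h.note})" : line
  end
end

# Constructed sample visit: a details-page view, the tracked button click and
# the connect request 12 minutes 45 seconds later.
T0 = Time.utc(2013, 4, 14, 10, 0, 0)
SAMPLE_VISIT = Visit.new('Mozilla/5.0 (constructed)', '203.0.113.5', [
  Hit.new('visiting details page', '/devices/7', 'GET', 'show', { 'extra' => 'something' }, T0),
  Hit.new(sanitize_note("clicked on 'Connect to your Device' \r\n"), '/visits', 'POST', 'create', nil, T0 + 300),
  Hit.new(nil, '/devices/7/connect', 'POST', 'connect', nil, T0 + 765)
])

puts visit_title(SAMPLE_VISIT)
puts visit_timeline(SAMPLE_VISIT)
```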
Run the tests with:
ruby test/saw_test.rb
We found that saw demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.