Detect backdoors in Python, JS and PHP code
🛡️ bac_detect
A powerful tool for detecting potential backdoors and vulnerabilities in Python, JavaScript, and PHP source code
📦 Installation
```bash
pip install bac_detect
```
🚀 Quick Start
```bash
# Scan a directory or single file
bac_detect path/to/your/code

# Enable extra Python checks via Pylint
bac_detect --use-pylint path/to/your/code

# Show only HIGH severity issues
bac_detect --min-severity high path/to/your/code

# Export results to JSON file
bac_detect --output-format json --output-file results.json path/to/your/code

# Use multiple CPU cores for faster scanning
bac_detect path/to/your/code  # Multi-threading is enabled by default

# Disable dependency checking
bac_detect --no-check-dependencies path/to/your/code
```
🔍 Features
- Multi-language scanning: Analysis of `.py`, `.js`, and `.php` files
- Combined approach:
  - Abstract Syntax Tree (AST) analysis using Bandit for Python and Esprima for JavaScript
  - Advanced regex-based scanning
  - Detection of suspicious constructs and potential backdoors
- Smart classification: All found issues are categorized by severity levels (HIGH, MEDIUM, LOW)
- Customizability: All detection rules can be configured in the `patterns.json` file
- Performance optimizations:
  - Multi-threaded scanning for faster processing
  - Selective file processing with ignore patterns
- Obfuscated code detection: Identifies common obfuscation techniques across different languages
- Dependencies security: Checks `requirements.txt`, `package.json`, and `composer.json` for known malicious packages
- Flexible reporting: Export results to JSON format
- CI/CD integration: Returns non-zero exit status when issues are detected
📊 Usage Examples
Basic Scanning
```bash
# Scan a directory recursively through all subdirectories
bac_detect /path/to/project

# Scan only specific file types
bac_detect --include "*.py,*.js" /path/to/project

# Exclude specific directories
bac_detect --exclude "tests/,vendor/" /path/to/project
```
Advanced Options
```bash
# Output results to JSON
bac_detect --output-format json --output-file results.json /path/to/project

# Set minimum severity level to display
bac_detect --min-severity medium /path/to/project

# Scan using a custom patterns file
bac_detect --patterns custom_patterns.json /path/to/project

# Use a custom ignore file
bac_detect --ignore-file .custom_ignore /path/to/project

# Disable multi-threading
bac_detect --no-multiprocessing /path/to/project

# Set maximum number of threads
bac_detect --max-workers 4 /path/to/project
```
Output Example
```text
[HIGH] Potential backdoor found: eval with dynamic content
File: backend/utils.py, Line: 42
Code: eval(request.params.get('cmd'))

[MEDIUM] Unsafe SQL query handling
File: backend/models.py, Line: 78
Code: cursor.execute("SELECT * FROM users WHERE id = " + user_id)

[LOW] Deprecated security function usage
File: backend/auth.py, Line: 156
Code: md5(password).hexdigest()
```
⚙️ Configuration
Detection Pattern Setup
All regex rules are located in the file `bac_detect/patterns.json`.
You can edit existing or add new patterns:
```json
{
  "python": {
    "high": [
      {
        "pattern": "eval\\s*\\(.*\\)",
        "description": "Dangerous use of eval()"
      },
      {
        "pattern": "os\\.system\\s*\\(.*\\$.*\\)",
        "description": "Shell command execution with external variables"
      }
    ],
    "medium": [
      ...
    ]
  },
  "javascript": {
    ...
  }
}
```
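Before adding or editing a rule, it helps to run it against lines you expect it to flag and lines you expect it to pass. The script below is an added example, not bac_detect's own code: it loads rules in the layout shown above and reports which sample lines each rule matches. It assumes each regex is applied per line with `re.search`; the "medium" rule and all sample lines are constructed for illustration.

```python
import json
import re

# Rules in the patterns.json layout shown above. The two "high" rules are the
# page's own; the "medium" rule is a constructed, tighter eval() variant.
PATTERNS = json.loads(r"""
{
  "python": {
    "high": [
      {"pattern": "eval\\s*\\(.*\\)", "description": "Dangerous use of eval()"},
      {"pattern": "os\\.system\\s*\\(.*\\$.*\\)",
       "description": "Shell command execution with external variables"}
    ],
    "medium": [
      {"pattern": "(?<![\\w.])eval\\s*\\(", "description": "Bare eval() call (constructed rule)"}
    ]
  }
}
""")

# Constructed source lines: one real finding, two benign look-alikes,
# and two os.system() calls that build the command in different ways.
SAMPLE = [
    "result = eval(request.params.get('cmd'))",
    "value = ast.literal_eval(raw)",
    "model.eval()  # switch to inference mode",
    "os.system('ls ' + user_dir)",
    'os.system("echo $HOME")',
]

def rule_hits(patterns, language, lines):
    """Map each rule description to (severity, [1-based matching line numbers]).

    Assumption: every regex is applied to one line at a time with re.search.
    """
    report = {}
    for severity, rules in patterns[language].items():
        for rule in rules:
            regex = re.compile(rule["pattern"])
            matched = [n for n, line in enumerate(lines, 1) if regex.search(line)]
            report[rule["description"]] = (severity, matched)
    return report

if __name__ == "__main__":
    for description, (severity, matched) in rule_hits(PATTERNS, "python", SAMPLE).items():
        print(f"[{severity.upper()}] {description}: lines {matched}")
```

On these samples the `eval` rule also matches `ast.literal_eval(...)` and `model.eval()`, while the `os.system` rule matches only the line containing a literal `$` and not the string-concatenation call.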
Ignoring Files and Patterns
Create a .bac_detectignore file in your project root:
```text
# This is a comment
# Ignore specific patterns
pattern:eval_usage
pattern:base64_decode

# Ignore files/directories (regex format)
tests/.*
vendor/.*
.*\.min\.js$
```
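Every ignore entry removes files from the scan, so it is worth listing what an ignore file actually hides. The script below is an added example, not part of bac_detect: it parses the format shown above and lists the paths the regex entries would exclude. The page does not say whether the regexes are anchored at the start of the path, so the example shows both readings (`re.match` and `re.search`); the project tree is constructed.

```python
import re

# Constructed copy of the .bac_detectignore shown above.
IGNORE_TEXT = r"""
# This is a comment
# Ignore specific patterns
pattern:eval_usage
pattern:base64_decode
# Ignore files/directories (regex format)
tests/.*
vendor/.*
.*\.min\.js$
"""

# Constructed project tree (paths relative to the project root).
PATHS = ["tests/test_auth.py", "src/contests/upload.php", "static/app.min.js",
         "src/vendor/lib.js", "backend/utils.py"]

def parse_ignore(text):
    """Split the file into suppressed rule names and compiled path regexes."""
    rule_names, path_regexes = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        if line.startswith("pattern:"):
            rule_names.append(line[len("pattern:"):].strip())
        else:
            path_regexes.append(re.compile(line))
    return rule_names, path_regexes

def skipped(paths, path_regexes, anchored):
    """Paths the ignore list hides; anchored=True uses re.match, else re.search."""
    hidden = []
    for path in paths:
        if any((r.match(path) if anchored else r.search(path)) for r in path_regexes):
            hidden.append(path)
    return hidden

if __name__ == "__main__":
    names, regexes = parse_ignore(IGNORE_TEXT)
    print("suppressed rules:", names)
    print("anchored (match): ", skipped(PATHS, regexes, anchored=True))
    print("unanchored (search):", skipped(PATHS, regexes, anchored=False))
```

Under the unanchored reading, `tests/.*` also hides `src/contests/upload.php` and `vendor/.*` hides `src/vendor/lib.js`; prefixing entries with `^` removes the ambiguity.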
Configuration File
You can also create a .bac_detectrc configuration file in your project root:
```ini
[DEFAULT]
exclude = tests/,docs/,vendor/
include = *.py,*.js,*.php
min-severity = medium
use-pylint = true
```
👥 Contributing
- Fork this repository
- Create a feature branch:
  ```bash
  git checkout -b feature/my-new-feature
  ```
- Make your changes and commit:
  ```bash
  git add .
  git commit -m "Add support for XYZ"
  ```
- Push to your fork and open a Pull Request against the `main` branch
📄 License
This project is licensed under the MIT License. See the LICENSE file for details.
📍 Repository
File details
Details for the file bac_detect-1.2.0.tar.gz.
File metadata
- Download URL: bac_detect-1.2.0.tar.gz
- Upload date:
- Size: 37.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.8.0
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | bffe04b662654e281bbb9764fa6fab6dd30a04ac1c12d5c03e8f87be316a397b |
| MD5 | 58d8663a9ae9536b173807aa94e61b3a |
| BLAKE2b-256 | 91c43e354d3b366a3d11cc7ed880471dfaaf4041a3fde1e2225db35685753920 |
File details
Details for the file bac_detect-1.2.0-py2.py3-none-any.whl.
File metadata
- Download URL: bac_detect-1.2.0-py2.py3-none-any.whl
- Upload date:
- Size: 24.4 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.8.0
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 387510d97b3b4c122cff6ed947f02d569dccb884791055a8d943fc54e7178e4a |
| MD5 | 0ebde39edbfa17e19759d1eb11e6529c |
| BLAKE2b-256 | 913eba2a05fd9bc955ab158b31b23d0aed7c6918605ee372155939b719887222 |