A tool to scan your direct GitHub dependencies for Go and find ones susceptible to ChainJacking attack
Project description
ChainJacking
Find which of your go lang direct GitHub dependencies is susceptible to ChainJacking attack
Requirements
- Go and it's binaries >= 1.13
- GitHub token, to run queries on GitHub API
Installation
pip install chainjacking
Usage
CLI
python -m chainjacking -gt $GH_TOKEN
Arguments
-gt <token>
- GitHub access token, to run queries on GitHub API (required)-p <path>
- Path to scan. (default=current directory)-v
- Verbose output mode-url <url>
- Scan one or more GitHub URLs-f <path>
- Scan one or more GitHub URLs from a file separated by new-line
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
chainjacking-1.1.2.tar.gz
(8.8 kB
view hashes)
Built Distribution
Close
Hashes for chainjacking-1.1.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 04b07c247009abab48651e475f182885d721bf1f778aab710a8070c91e540d26 |
|
MD5 | f8efdd8483a1f3d93279b64d9140a2f8 |
|
BLAKE2b-256 | ab8a40253f72b135741a837ccd40ff36a7ecb7cddd3e13146a43bff92b13df23 |