Skip to main content

A tool to scan your direct GitHub dependencies for Go and find ones susceptible to ChainJacking attack

Project description

ChainJacking

Find which of your go lang direct GitHub dependencies is susceptible to ChainJacking attack

Requirements

  • Go and it's binaries >= 1.13
  • GitHub token, to run queries on GitHub API

Installation

pip install chainjacking

Usage

CLI

python -m chainjacking -gt $GH_TOKEN

Arguments

  • -gt <token> - GitHub access token, to run queries on GitHub API (required)
  • -p <path> - Path to scan. (default=current directory)
  • -v - Verbose output mode
  • -url <url> - Scan one or more GitHub URLs
  • -f <path> - Scan one or more GitHub URLs from a file separated by new-line

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

chainjacking-1.1.2.tar.gz (8.8 kB view hashes)

Uploaded Source

Built Distribution

chainjacking-1.1.2-py3-none-any.whl (9.6 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page