A lightweight OS-level supply chain attack guard for Python

Project description

chain_guard

🛡 Features

  • Import Interception: Blocks unauthorized access to sensitive environment variables (e.g., AWS_SECRET_ACCESS_KEY, DATABASE_URL) during package initialization.
  • File System Guard: Prevents third-party packages from reading sensitive files like ~/.ssh/id_rsa or ~/.aws/credentials.
  • OS-level Telemetry & Execution Prevention: Uses Python's native Audit Hooks (PEP 578) to actively block remote code execution (os.system, subprocess) and reverse shell network connections (socket.connect) at the moment a suspicious package is imported.
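A minimal sketch of the audit-hook mechanism named in the last feature, added here as an illustration and not chain_guard's own code. The names `guard_hook`, `guarded`, `guarded_import`, `blocked_log` and the module `constructed_evil_pkg` are hypothetical, and the sample module is constructed for the demo.

```python
import importlib
import pathlib
import sys
import tempfile
from contextlib import contextmanager

# PEP 578 audit events CPython raises for the calls named in the feature list.
BLOCKED_EVENTS = {"os.system", "subprocess.Popen", "socket.connect"}

active = []       # stack of package names currently importing under guard
blocked_log = []  # telemetry: (package, event, repr(args))


def guard_hook(event, args):
    # Called for every audit event in the process, so return fast when idle.
    if active and event in BLOCKED_EVENTS:
        blocked_log.append((active[-1], event, repr(args)))
        raise PermissionError(f"{event} blocked during import of {active[-1]!r}")

sys.addaudithook(guard_hook)  # a hook cannot be removed once installed


@contextmanager
def guarded(package):
    active.append(package)
    try:
        yield
    finally:
        active.pop()


def guarded_import(package):
    """Import `package` with the blocklist active and return the module."""
    with guarded(package):
        return importlib.import_module(package)


def demo():
    """Constructed sample: a module that shells out at import time."""
    tmp = tempfile.mkdtemp()
    src = "import os\nos.system('echo should-not-run')\n"
    pathlib.Path(tmp, "constructed_evil_pkg.py").write_text(src)
    sys.path.insert(0, tmp)
    try:
        guarded_import("constructed_evil_pkg")
    except PermissionError as exc:
        return str(exc)  # the hook aborted os.system before it ran
    finally:
        sys.path.remove(tmp)
```

PEP 578 states that audit hooks are not a sandbox: code that reaches libc directly (for example through ctypes) does not raise the `os.system` or `socket.connect` events, so a guard like this is one layer of defence rather than isolation.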

Running

python3 -m venv venv

source venv/bin/activate

pip install -e .

Installing the test packages

pip install -e test_package/clean_pkg

pip install -e test_package/malware_pkg

pip install -e test_package/sheep_package  # depends on the 'malicious' wolf_package


Download files

Source Distribution

supply_chain_guard-0.1.1.tar.gz (4.3 kB view details)

Uploaded Source

Built Distribution

supply_chain_guard-0.1.1-py3-none-any.whl (4.8 kB view details)

Uploaded Python 3

File details

Details for the file supply_chain_guard-0.1.1.tar.gz.

File metadata

  • Download URL: supply_chain_guard-0.1.1.tar.gz
  • Upload date:
  • Size: 4.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for supply_chain_guard-0.1.1.tar.gz
Algorithm Hash digest
SHA256 17fc14ba125810cd7746e3b9b658f4c8b0c99ba401112771168c2e8b2495ea7a
MD5 acf984b657c2fe8451e3540fee92de13
BLAKE2b-256 138a514d67c67110b1092daf34a12d940ace2d751ef18d4acdd8c55b70ae8454

File details

Details for the file supply_chain_guard-0.1.1-py3-none-any.whl.

File hashes

Hashes for supply_chain_guard-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 2cf3da8e44c50af5adb68ec201d277a8a58f36dae55b85c5d6f5f4b9109fa08f
MD5 beaae53234c3d3a40fbe2c96e88fb2d8
BLAKE2b-256 7da87a3c0a28eb8f0d8f328e3d782d5b1452c40036a25cae688c0a662a629538
