A lightweight OS-level supply chain attack guard for Python

Project description

chain_guard

🛡 Features

  • Import Interception: Blocks unauthorized access to sensitive environment variables (e.g., AWS_SECRET_ACCESS_KEY, DATABASE_URL) during package initialization.
  • File System Guard: Prevents third-party packages from reading sensitive files like ~/.ssh/id_rsa or ~/.aws/credentials.
  • OS-level Telemetry & Execution Prevention: Uses Python's native Audit Hooks (PEP 578) to actively block remote code execution (os.system, subprocess) and reverse shell network connections (socket.connect) at the moment a suspicious package is imported.
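
The audit-hook mechanism from the last two bullets, as an added example; it is not chain_guard's own code. The names `guarded`, `guarded_import`, `GuardViolation` and the two policy sets are assumptions made for illustration, and environment-variable interception is left out because PEP 578 defines no audit event for reads of `os.environ`.

```python
import importlib
import os
import sys
import threading
from contextlib import contextmanager

# Assumed policy, taken from the feature list above; extend as needed.
SENSITIVE_PATHS = {os.path.realpath(os.path.expanduser(p))
                   for p in ("~/.ssh/id_rsa", "~/.aws/credentials")}
BLOCKED_EVENTS = {"os.system", "subprocess.Popen", "socket.connect"}

_state = threading.local()  # guard flag is per thread


class GuardViolation(PermissionError):
    """Raised inside the audit hook, which aborts the audited operation."""


def _audit_hook(event, args):
    if not getattr(_state, "active", False):
        return  # the hook stays installed for the process lifetime, so stay cheap
    if event in BLOCKED_EVENTS:
        raise GuardViolation(f"{event} blocked during guarded import")
    # "open" fires for builtins.open and os.open; args[0] is a path or an int fd.
    if event == "open" and isinstance(args[0], (str, bytes, os.PathLike)):
        path = os.path.realpath(os.fsdecode(args[0]))  # resolve symlinks and ".."
        if path in SENSITIVE_PATHS:
            raise GuardViolation(f"open of {path} blocked during guarded import")


sys.addaudithook(_audit_hook)  # PEP 578: hooks cannot be removed once added


@contextmanager
def guarded():
    """Activate the policy for the current thread inside the with-block."""
    previous = getattr(_state, "active", False)
    _state.active = True
    try:
        yield
    finally:
        _state.active = previous


def guarded_import(name):
    """Import a module so that its top-level code runs under the policy."""
    with guarded():
        return importlib.import_module(name)
```

The guard covers only code that runs while the import executes: anything a package defers to a later call runs outside it, and a module already in `sys.modules` is not re-executed. Audit hooks are a detection and policy point rather than a sandbox, since code in the same interpreter can reach the guard's state.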

Running

python3 -m venv venv

source venv/bin/activate

pip install -e .

Installing the test packages

pip install -e test_package/clean_pkg

pip install -e test_package/malware_pkg

pip install -e test_package/sheep_package # depends on the 'malicious' wolf_package

Download files

Source Distribution

supply_chain_guard-0.1.2.tar.gz (4.3 kB view details)

Uploaded Source

Built Distribution

supply_chain_guard-0.1.2-py3-none-any.whl (4.8 kB view details)

Uploaded Python 3

File details

Details for the file supply_chain_guard-0.1.2.tar.gz.

File metadata

  • Download URL: supply_chain_guard-0.1.2.tar.gz
  • Upload date:
  • Size: 4.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for supply_chain_guard-0.1.2.tar.gz
Algorithm Hash digest
SHA256 43a63f3f1312bf096900d988836cf2e0e700b0eb405abeb5d1b95dd19afbe2ca
MD5 5e44f5052c7b852c9f9457ea2981accd
BLAKE2b-256 63ea8bd4204aa17c0c11740b259ad8128ce5124727e6246c34f6c924f88de3b7

File details

Details for the file supply_chain_guard-0.1.2-py3-none-any.whl.

File hashes

Hashes for supply_chain_guard-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 54d010c5d4809931864a423084f9c4892c08ea5ac3bd6540fe324f59ac64749d
MD5 8c1f5a0a376c0ca70957b93863f03bb2
BLAKE2b-256 f35e62612055a19a750dcf853f731ccf63df08263b88d23472354c4d32faccc7
