Just deployed a blockchain node? Have some tea.
Project description
Teatime - A Blockchain RPC Attack Framework
Deployed a node? Have a cup.
Teatime is an RPC attack framework aimed at making it easy to spot misconfigurations in blockchain nodes. It detects a large variety of issues, ranging from information leaks to open accounts, and configuration manipulation.
The goal is to enable tools scanning for vulnerable nodes and minimizing the risk of node-based attacks due to common vulnerabilities. Teatime uses a plugin-based architecture, so extending the library with your own checks is straightforward.
Please note that this library is still a PoC and lacks documentation. If there are plugins you would like to see, feel free to contact me on Twitter!
Installation
Teatime runs on Python 3.6+.
To get started, simply run
$ pip3 install teatime
Alternatively, clone the repository and run
$ pip3 install .
Or directly through Python’s setuptools
:
$ python3 setup.py install
Future Development
The future of Teatime is uncertain, even though I would love to add broader checks that go beyond RPC interfaces, specifically for technologies such as:
Ethereum 2.0
Filecoin
IPFS
If you want to integrate plugins for smaller, less meaningful chains such as Bitcoin or Ethereum knock-offs, feel free to fork the project and integrate them separately.
History
0.2.0 (2020-07-13)
First release on PyPI.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for teatime-0.2.1-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 71abde94a7f9fa2e0a49faa19f595ad2a34dfc97b26e21b361fe6ead867ec0d9 |
|
MD5 | 4a0fe28aaa812ca663e737a8aa31a7ce |
|
BLAKE2b-256 | 050d196ef7e7bf74c539e39e52108e6b6e00f9887f62abebd11746961fe496ea |