Skip to content

DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

License

Notifications You must be signed in to change notification settings

alifathi-h1/dependconfusion-x

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 

Repository files navigation

DependConfusion-X

DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion. Currently, it extracts application dependencies from https://example.com/package.json, and tries to find unclaimed dependency on https://registry.npmjs.org.


image

Requirements

  • Python 3
  • Linux/Windows/MAC OSX
  • Slack Webhook (Optional)

Installation

  • Installing Python dependencies

    pip3 install -r requirements.txt

  • Configuring Slack Webhook as env variable

    export slack_webhook=""

Usage

  • To run DependConfusion-X:

    python3 dependconfusion-x.py -l hosts_file [--slack, --threads 20]

About

DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages