npm
Sign UpSign In

@step-security/malware-simulator

0.0.3 • Public • Published

Malware-Simulator Package

To simulate behavior of past compromised packages, StepSecurity has created a package called @step-security/malware-simulator. The simulator is NOT actual malware; the package just makes an outbound call to www.stepsecurity.io in a preinstall step

This package can be used by developers to:

  1. Understand how malicious packages make outbound calls as part of the install steps
  2. How the Harden-Runner GitHub Action can find this behavior (tutorial)
  3. Use as a test package for your applications – to check if defenses are working as expected

You can think of the @step-security/malware-simulator being similar to the EICAR anti-virus simulator file, which is used as a test file for anti-virus software.

Readme

Keywords

none

Package Sidebar

Install

npm i @step-security/malware-simulator

Repository

github.com/step-security/supply-chain-goat

Homepage

github.com/step-security/supply-chain-goat/tree/main/malware-simulator

Weekly Downloads

10

Version

0.0.3

License

Apache-2.0

Unpacked Size

2.44 kB

Total Files

6

Last publish

Collaborators

  • varunsharma07
Try on RunKit
Report malware