OSS Detect Backdoor
Michael Scovetta edited this page Mar 23, 2022 (2 revisions)
Identifies potential backdoors and malicious code within a package. The detection rules currently have a high false-positive rate, so findings should be treated as leads for manual review rather than confirmed malicious code.
USAGE:
Find the characteristics for the given package:
oss-detect-backdoor --download-directory . --format text [options] package-url...
-d, --download-directory (Default: .) the directory to download the package to.
-f, --format (Default: text) select the output format (text|sarifv1|sarifv2)
-o, --output-file (Default: ) send the command output to a file instead of stdout
-c, --use-cache (Default: false) do not download the package if it is already present in the destination directory.
--help Display this help screen.
--version Display version information.
The package-url specifier is described at https://github.com/package-url/purl-spec:
pkg:cargo/rand The latest version of Rand (via crates.io)
pkg:cocoapods/AFNetworking The latest version of AFNetworking (via cocoapods.org)
pkg:composer/Smarty/Smarty The latest version of Smarty (via Composer/Packagist)
pkg:cpan/Apache-ACEProxy The latest version of Apache::ACEProxy (via cpan.org)
pkg:cran/ACNE@0.8.0 Version 0.8.0 of ACNE (via cran.r-project.org)
pkg:gem/rubytree@* All versions of RubyTree (via rubygems.org)
pkg:golang/sigs.k8s.io/yaml The latest version of sigs.k8s.io/yaml (via proxy.golang.org)
pkg:github/Microsoft/DevSkim The latest release of DevSkim (via GitHub)
pkg:hackage/a50@* All versions of a50 (via hackage.haskell.org)
pkg:maven/org.apdplat/deep-qa The latest version of org.apdplat.deep-qa (via repo1.maven.org)
pkg:npm/express The latest version of Express (via npm.org)
pkg:nuget/Newtonsoft.JSON The latest version of Newtonsoft.JSON (via nuget.org)
pkg:pypi/django@1.11.1 Version 1.11.1 of Django (via pypi.org)
pkg:ubuntu/zerofree The latest version of zerofree from Ubuntu (via packages.ubuntu.com)
pkg:vsm/MLNET/07 The latest version of MLNET.07 (from marketplace.visualstudio.com)
pkg:url/foo@1.0?url=<URL> The direct URL <URL>
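The following is an added example, not part of this wiki page or of the OSS Gadget source. It shows how a script would drive the tool with the options and package-url forms listed above: it parses package-url strings into their components (type, namespace, name, version, qualifiers), treating `@*` as the "all versions" wildcard shown in the `pkg:gem/rubytree@*` example, validates them before building an `oss-detect-backdoor` command line, and summarizes a SARIF v2 result file by rule and by file so the high false-positive rate can be triaged. The `Purl` dataclass, the function names, the example URL and the SARIF rule identifiers and file paths in `SAMPLE_SARIF` are assumptions constructed for this example; the SARIF layout follows the standard SARIF 2.1.0 schema, and nothing here asserts which rule identifiers the real tool emits.

```python
"""Helpers for scripting oss-detect-backdoor: purl parsing, argv building, SARIF triage.
Example code added to the wiki page; not part of OSS Gadget itself."""
import json
from collections import Counter
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import unquote

FORMATS = {"text", "sarifv1", "sarifv2"}          # --format values documented on the page


@dataclass
class Purl:
    type: str
    namespace: Optional[str]
    name: str
    version: Optional[str]                          # "*" means "all versions" in OSS Gadget
    qualifiers: dict = field(default_factory=dict)


def parse_purl(purl: str) -> Purl:
    """Parse pkg:type/namespace/name@version?qualifiers#subpath per the purl spec."""
    if not purl.startswith("pkg:"):
        raise ValueError(f"not a package-url: {purl!r}")
    rest = purl[len("pkg:"):].lstrip("/")
    rest, _, _subpath = rest.partition("#")         # subpath is not needed by the tool
    rest, _, qual = rest.partition("?")
    qualifiers = {}
    for pair in filter(None, qual.split("&")):      # qualifiers are key=value joined by '&'
        key, _, value = pair.partition("=")
        qualifiers[key.lower()] = unquote(value)
    ptype, sep, rest = rest.partition("/")
    if not sep or not rest:
        raise ValueError(f"package-url needs a type and a name: {purl!r}")
    version = None
    if "@" in rest:                                 # version is split off from the right
        rest, version = rest.rsplit("@", 1)
        version = unquote(version)
    segments = [unquote(s) for s in rest.split("/") if s]
    name = segments[-1]
    namespace = "/".join(segments[:-1]) or None     # e.g. sigs.k8s.io for golang purls
    return Purl(ptype.lower(), namespace, name, version, qualifiers)


def build_command(purls, download_dir=".", fmt="text", output_file=None, use_cache=False):
    """Build argv for oss-detect-backdoor using the options documented on this page."""
    if fmt not in FORMATS:
        raise ValueError(f"unsupported --format {fmt!r}; expected one of {sorted(FORMATS)}")
    for purl in purls:
        parse_purl(purl)                            # fail fast on a malformed package-url
    argv = ["oss-detect-backdoor", "--download-directory", download_dir, "--format", fmt]
    if output_file:
        argv += ["--output-file", output_file]
    if use_cache:
        argv.append("--use-cache")
    return argv + list(purls)


def summarize_sarif(sarif_text: str) -> dict:
    """Count SARIF 2.1.0 results per ruleId and per artifact URI for manual triage."""
    doc = json.loads(sarif_text)
    by_rule, by_file = Counter(), Counter()
    for run in doc.get("runs", []):
        for result in run.get("results", []):
            by_rule[result.get("ruleId", "<no-rule>")] += 1
            for loc in result.get("locations", []):
                uri = (loc.get("physicalLocation", {})
                          .get("artifactLocation", {})
                          .get("uri", "<unknown>"))
                by_file[uri] += 1
    return {"by_rule": by_rule, "by_file": by_file}


# Constructed SARIF document with made-up rule ids and paths; only the schema is real.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "oss-detect-backdoor"}},
        "results": [
            {"ruleId": "EXAMPLE-001", "level": "warning", "message": {"text": "constructed"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "lib/a.js"},
                                                 "region": {"startLine": 3}}}]},
            {"ruleId": "EXAMPLE-001", "level": "warning", "message": {"text": "constructed"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "lib/b.js"},
                                                 "region": {"startLine": 9}}}]},
            {"ruleId": "EXAMPLE-002", "level": "error", "message": {"text": "constructed"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "lib/a.js"},
                                                 "region": {"startLine": 20}}}]},
        ],
    }],
})


if __name__ == "__main__":
    print(build_command(["pkg:npm/express", "pkg:gem/rubytree@*"], fmt="sarifv2",
                        output_file="findings.sarif", use_cache=True))
    print(summarize_sarif(SAMPLE_SARIF))
```

The SARIF summary is the useful half in practice: because the page states the rules have a high false-positive rate, grouping findings by rule and by file makes it easy to suppress a noisy rule or to focus on the one file that collects several different rule hits.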