Pkg
Stats

npm package discovery and stats viewer.

Discover Tips

General search
[free text search, go nuts!]
Package details
pkg:[package-name]
User packages
@[username]

Sponsor

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Twitter
@PkgStats
GitHub
pkgstats
Twitter
@ryanhefner
GitHub
ryanhefner
Site
ryanhefner.com

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

Framework
react / react-dom
Server
next / express / next-routes
Data Store
redux / react-redux / next-redux-wrapper / redux-thunk / redux-logger
Caching
lru-cache
CSS / Styling
next-page-transitions / styled-components
Typeface
@ibm/plex
Avatars
gravatar
Data Viz
chart.js / react-sparklines
Date formatting
dayjs
Infinite scrolling
react-scroll-trigger
Markdown rendering
react-markdown
Repository url parsing
hosted-git-info
User data
npm-user
Compiling
babel-plugin-module-resolver / babel-plugin-styled-components
Types
prop-types
Odds & Ends
es6-promise / isomorphic-fetch

© 2024 – Pkg Stats / Ryan Hefner

infected-lib

v1.0.1

Published

a month ago

A demonstration library designed to simulate malicious NPM package activity for security training and research purposes.

Downloads

53

0High
0Medium
0Low

security malware npm malicious-package compromise-lib training

infected-lib

Description

infected-lib is a malicious demonstration library designed to simulate compromised npm packages. It is intended for security training and research purposes only. This package contains unsafe functionality that mimics real-world attack scenarios, providing insight into malicious activity and how it can affect systems.

⚠️ Use it with caution and only in secure, controlled environments!

Disclaimer

⚠️ Warning: This package is intended for educational and research purposes only. Do not use this package in production environments. The creator is not responsible for any misuse of this code.

Installation

To install the package, run the following command:

npm install infected-lib

Usage

Once installed, you can require the library in your Node.js application like so:

const infected = require('infected-lib');

// Simulate malicious activity
infected.triggerCompromise();

Detect the Activity

You can find Directory called creds and a file credentials.txt in the node_modules Directory

// run this in root directory of your nodejs application
cat /node_modules/creds/credentials.txt

Contributing

We welcome contributions to infected-lib! If you have suggestions for improvements or new features, please feel free to submit a pull request or open an issue.

Author

Mohammed Afzal
GitHub Profile