Skip to content
/ dependencyConfusion Public

DependencyConfusion is tool used for finding any library used by the project that might be vulnerable to dependency confusion attack.

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Mah1ndra/dependencyConfusion

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
poc.png
poc.png
 
 

Repository files navigation

DependencyConfusion is tool used for finding any library used by the project that might be vulnerable to dependency confusion attack.

Project with following languages supported:
- Golang
- Perl
- python (still in progress)
- c/c++ (still in progress)

Flags:
	-u, --url  provide github go.mod raw url
    -l, --lang programming language
    -f, --file path to local module file
	-v, --verbose  Print verbose logs to stderr.

sample usage:

For remote project: go run main.go -u URL_HERE -l

For local project: go run main.go -f /tmp/myproject/go.mod -l go

About

DependencyConfusion is tool used for finding any library used by the project that might be vulnerable to dependency confusion attack.

Topics

dependency-confusion

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages