Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tools to detect possible attacks #23

Open
ju-sh opened this issue Mar 9, 2022 · 1 comment
Open

Tools to detect possible attacks #23

ju-sh opened this issue Mar 9, 2022 · 1 comment

Comments

@ju-sh
Copy link

ju-sh commented Mar 9, 2022
edited
Loading

Are there any tools to examine the source code and point out parts where attacks are possible?

For different languages?

Maybe there are linting tools which can catch them as well?

Or tools with under-development features for this?
@lirantal
Copy link

lirantal commented Mar 9, 2022
edited
Loading

Today most IDEs such as Visual Studio Code already added visual cues to show unicode characters, GitHub UI does the same. Also, in an article I wrote about How to effectively detect and mitigate Trojan Source attacks in JavaScript codebases with ESLint I am referencing an ESlint plugin I built and an npm package that detects them if you care to add to your CI / git hooks: https://github.com/lirantal/anti-trojan-source

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lirantal @ju-sh