{"id":15010852,"url":"https://github.com/acuciureanu/ppfang","last_synced_at":"2025-04-09T18:35:44.275Z","repository":{"id":58991607,"uuid":"532564975","full_name":"acuciureanu/ppfang","owner":"acuciureanu","description":"A tool which helps identifying client-side prototype polluting libraries","archived":false,"fork":false,"pushed_at":"2025-04-01T10:33:12.000Z","size":408,"stargazers_count":38,"open_issues_count":7,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-04-03T11:49:35.218Z","etag":null,"topics":["bugbounty","bugbounty-tool","bugbountytips","chromium","cspp","prototype-pollution","security","security-tools","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/acuciureanu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-09-04T14:31:45.000Z","updated_at":"2025-02-17T11:41:35.000Z","dependencies_parsed_at":"2024-02-24T11:21:04.638Z","dependency_job_id":"f72f16f6-300b-4e11-9d8b-f66677936bf7","html_url":"https://github.com/acuciureanu/ppfang","commit_stats":{"total_commits":97,"total_committers":3,"mean_commits":"32.333333333333336","dds":0.5257731958762887,"last_synced_commit":"7949a0d04336c285de3403c2c1ca12feacbf9df7"},"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/acuciureanu%2Fppfang","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/acuciureanu%2Fppfang/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/acuciureanu%2Fppfang/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/acuciureanu%2Fppfang/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/acuciureanu","download_url":"https://codeload.github.com/acuciureanu/ppfang/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248088535,"owners_count":21045733,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","bugbounty-tool","bugbountytips","chromium","cspp","prototype-pollution","security","security-tools","vulnerability-scanners"],"created_at":"2024-09-24T19:36:36.275Z","updated_at":"2025-04-09T18:35:44.254Z","avatar_url":"https://github.com/acuciureanu.png","language":"JavaScript","funding_links":["https://www.buymeacoffee.com/alexcuciureanu"],"categories":[],"sub_categories":[],"readme":"# PPFang - Identify Client-Side Prototype Pollution\n\n[![CodeQL](https://github.com/acuciureanu/ppfang/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/acuciureanu/ppfang/actions/workflows/codeql-analysis.yml) [![Node.js Package](https://github.com/acuciureanu/ppfang/actions/workflows/publish.yml/badge.svg)](https://github.com/acuciureanu/ppfang/actions/workflows/publish.yml) ![GitHub](https://img.shields.io/github/license/acuciureanu/ppfang)\n\nAre you concerned about prototype pollution vulnerabilities in your JavaScript code? Look no further! PPFang is here to help you identify and eliminate prototype polluting libraries.\n\n[![Buy Me A Coffee](https://cdn.buymeacoffee.com/buttons/default-orange.png)](https://www.buymeacoffee.com/alexcuciureanu)\n\n## Inspiration\n\nMy project was influenced by Huli's ([@aszx87410](https://github.com/aszx87410)) work on [cdnjs-prototype-pollution](https://github.com/aszx87410/cdnjs-prototype-pollution). After exploring his approach, I was motivated to develop my own project, taking a different path.\n\n## What is PPFang?\n\nPPFang is a powerful tool designed to detect and mitigate prototype pollution vulnerabilities in your client-side JavaScript code. With PPFang, you can ensure the security and reliability of your applications by identifying and eliminating potential risks.\n\n## Features\n\n🔍 Verify the latest libraries from cdnjs.com\n\n📜 Check a list of URLs for client-side prototype polluting functions\n\n🚀 Easy installation and usage\n\n## Prerequisites\n\nBefore getting started with PPFang, make sure you have the following prerequisites installed on your Ubuntu/Debian system:\n\n- libnss3\n- libxss1\n- libasound2\n- libatk-bridge2.0-0\n- libgtk-3-0\n- libgbm-dev\n\n## Installation\n\nTo install PPFang, simply run the following command:\n\n## Prerequisites on `Ubuntu/Debian`\n\nIn case you get the following message on `Ubuntu/Debian`:\n\n```bash\n/.cache/puppeteer/chrome/linux-1108766/chrome-linux/chrome: error while loading shared libraries: libatk-1.0.so.0: cannot open shared object file: No such file or directory\n```\n\nYou might need to install the following packages:\n\n```sh\nsudo apt-get install libnss3 libxss1 libasound2 libatk-bridge2.0-0 libgtk-3-0 libgbm-dev\n```\n\n## Install dependencies\n\n```sh\nnpm install -g ppfang\n```\n\nOr, if you prefer to install it from as an npm package from this repo directly.\n\n```sh\nnpm install -g .\n```\n\nOr, if you want to simply run it.\n\n```sh\nnode index.js\n```\n\nor with arguments\n\n```sh\nnode index.js -- [arguments go here]\n```\n\n## Usage\n\n```text\nUsage: ppfang [command] [option]\n\nA tool which helps identifying client-side prototype polluting libraries\n\nOptions:\n  -h, --help       display help for command\n\nCommands:\n  cdnjs [options]  Verifies the latest libraries from cdnjs.com\n  pipe [options]   Checks a list of urls provided through stdin for client-side prototype polluting functions\n  help [command]   display help for command\n\n\nExamples:\n\n  ppfang cdnjs\n\n  ppfang cdnjs -c 50\n\n  cat urls.txt | ppfang pipe -c 10\n\n  echo \"https://somesite.com/\" | ppfang pipe\n\n  gau --blacklist png,jpg,gif,txt,json,js some-random-domain.com | ppfang pipe -c 50\n\n  ppfang --help || ppfang\n\nHappy hunting!\n```\n\n## Interpreting Results 🧐\n\nPPFang will output a list of potential prototype pollution vulnerabilities. For example, you might see a result like `String.prototype.$initialize`. This means that the `$initialize` function is potentially polluting the `String` prototype.\n\n## Testing Vulnerabilities 🔍\n\nYou can test the potential impact of this pollution by executing a function in the context of this prototype. For instance, you can execute an `alert()` function like this:\n\n```javascript\nString.prototype.$initialize.call(alert(document.domain));\n```\n\nFor more special cases, such as getting results where the function names have names like: `String.prototype.$\u003c=\u003e`, `String.prototype.$==`, `String.prototype.$eql?` and so on. You can do it like this:\n\n```javascript\nString.prototype['$\u003c=\u003e'].call(alert(document.domain));\n```\n\nIn this example, `document.domain` is passed to the `alert()` function. If the prototype pollution vulnerability is exploitable, this will display an alert box with the current document's domain.\n\n## Mitigating Risks 🛡️\n\nOnce you've identified potential vulnerabilities, take the steps to mitigate them. This might involve refactoring your code or removing the offending library.\n\nRemember, the goal of PPFang is to help you identify these potential vulnerabilities so you can take steps to mitigate them. Always ensure to validate the findings and take appropriate action to secure your code.\n\n## Presentations which mentioned PPFang\n\n[sec4dev 2022 – Bypassing CSPs Zero to hero – Robbe Van Roey](https://www.youtube.com/watch?v=V75Bg2Y0_8k)\n\n## Greetings to everyone\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Facuciureanu%2Fppfang","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Facuciureanu%2Fppfang","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Facuciureanu%2Fppfang/lists"}