Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/aydinnyunus/packagespy
PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers
https://github.com/aydinnyunus/packagespy
golang javascript npm pypi python security
Last synced: about 2 months ago
JSON representation
PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers
- Host: GitHub
- URL: https://github.com/aydinnyunus/packagespy
- Owner: aydinnyunus
- License: apache-2.0
- Created: 2024-01-21T17:27:11.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2024-06-19T10:31:37.000Z (6 months ago)
- Last Synced: 2024-09-27T01:48:34.152Z (3 months ago)
- Topics: golang, javascript, npm, pypi, python, security
- Language: Go
- Homepage: https://sockpuppets.medium.com/exposing-hidden-dangers-the-essential-guide-to-secret-scanning-in-package-repositories-c483dcf3b82f
- Size: 41 KB
- Stars: 21
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# PackageSpy
PackageSpy is a versatile command-line tool designed to simplify the process of searching for secrets within packages on popular package managers using Gitleaks. It provides a convenient interface for security researchers, developers and system administrators to identify and manage sensitive information leaks across different environments.
## Installation
Before you start using PackageSpy, make sure you have Go (Golang) installed on your system. You can download and install Go from the official website: [Go Downloads](https://golang.org/dl/)
Once you have Go installed, you can install PackageSpy using the following command:
```shell
go install github.com/aydinnyunus/PackageSpy@latest
```## Usage
PackageSpy supports four different search options, combining keyword and package manager:
1. Search for packages using a keyword on npm:
```shell
go run . scan --search keyword --npm
```2. Search for packages using a keyword on PyPI:
```shell
go run . scan --search keyword --pypi
```3. Search for packages by a user's username on npm:
```shell
go run . scan --username username --npm
```4. Search for packages by a user's username on PyPI:
```shell
go run . scan --username username --pypi
```Replace `keyword` with your desired search term and `username` with the username you want to search for.
## Example
Here's an example of using PackageSpy to search for Python packages related to data science on PyPI:
```shell
go run . scan --search datascience --pypi
```## Features
- Cross-platform compatibility: PackageSpy is written in Go, making it compatible with Windows, macOS, and Linux.
- Seamless integration: Easily incorporate PackageSpy into your development workflow by using the provided CLI commands.
- Efficient searches: Quickly find packages related to your specific needs using either keywords or usernames on npm and PyPI.## Contributing
PackageSpy is an open-source project, and we welcome contributions from the community. If you have ideas for improvements or would like to report issues, please visit our GitHub repository: [PackageSpy](https://github.com/aydinnyunus/PackageSpy)
## Contact
[](https://linkedin.com/in/yunus-ayd%C4%B1n-b9b01a18a/) [](https://github.com/aydinnyunus/WhatsappBOT) [](https://instagram.com/aydinyunus_/) [](https://twitter.com/aydinnyunuss)