Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/aydinnyunus/packagespy

PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers
https://github.com/aydinnyunus/packagespy

golang javascript npm pypi python security

Last synced: 4 days ago
JSON representation

PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers

Host: GitHub
URL: https://github.com/aydinnyunus/packagespy
Owner: aydinnyunus
License: apache-2.0
Created: 2024-01-21T17:27:11.000Z (10 months ago)
Default Branch: main
Last Pushed: 2024-06-19T10:31:37.000Z (5 months ago)
Last Synced: 2024-09-27T01:48:34.152Z (about 2 months ago)
Topics: golang, javascript, npm, pypi, python, security
Language: Go
Homepage: https://sockpuppets.medium.com/exposing-hidden-dangers-the-essential-guide-to-secret-scanning-in-package-repositories-c483dcf3b82f
Size: 41 KB
Stars: 21
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# PackageSpy

PackageSpy is a versatile command-line tool designed to simplify the process of searching for secrets within packages on popular package managers using Gitleaks. It provides a convenient interface for security researchers, developers and system administrators to identify and manage sensitive information leaks across different environments.

## Installation

Before you start using PackageSpy, make sure you have Go (Golang) installed on your system. You can download and install Go from the official website: [Go Downloads](https://golang.org/dl/)

Once you have Go installed, you can install PackageSpy using the following command:

```shell
go install github.com/aydinnyunus/PackageSpy@latest
```

## Usage

PackageSpy supports four different search options, combining keyword and package manager:

1. Search for packages using a keyword on npm:
```shell
go run . scan --search keyword --npm
```

2. Search for packages using a keyword on PyPI:
```shell
go run . scan --search keyword --pypi
```

3. Search for packages by a user's username on npm:
```shell
go run . scan --username username --npm
```

4. Search for packages by a user's username on PyPI:
```shell
go run . scan --username username --pypi
```

Replace `keyword` with your desired search term and `username` with the username you want to search for.

## Example

Here's an example of using PackageSpy to search for Python packages related to data science on PyPI:

```shell
go run . scan --search datascience --pypi
```

## Features

- Cross-platform compatibility: PackageSpy is written in Go, making it compatible with Windows, macOS, and Linux.
- Seamless integration: Easily incorporate PackageSpy into your development workflow by using the provided CLI commands.
- Efficient searches: Quickly find packages related to your specific needs using either keywords or usernames on npm and PyPI.

## Contributing

PackageSpy is an open-source project, and we welcome contributions from the community. If you have ideas for improvements or would like to report issues, please visit our GitHub repository: [PackageSpy](https://github.com/aydinnyunus/PackageSpy)

## Contact

[](https://linkedin.com/in/yunus-ayd%C4%B1n-b9b01a18a/) [ Github ](https://github.com/aydinnyunus/WhatsappBOT) [](https://instagram.com/aydinyunus_/) [](https://twitter.com/aydinnyunuss)