DepFine is a tool that finds unregistered dependencies, which expose a project to dependency confusion vulnerabilities that can lead to RCE.
- Install the tool's requirements with `pip3 install -r requirmentes.txt`; they will be installed on your machine.
- The tool currently supports Node.js dependencies only; the next release will add support for other ecosystems such as Gemfile and PyPI.
- Run the tool with the following command:
python3 DepFine.py RawForPackage.com
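
The check this README describes, applied to your own `package.json`, as an added example (not DepFine's code): it lists declared dependency names that the public npm registry does not serve. The function names, the sample manifest and the `KNOWN_PUBLIC` stand-in for the registry are constructed for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

# Version specs that never resolve by name through the registry.
# "npm:" aliases are skipped too; their real target name sits inside the spec.
NON_REGISTRY_PREFIXES = ("git+", "git:", "github:", "http:", "https:",
                         "file:", "link:", "workspace:", "npm:")
SECTIONS = ("dependencies", "devDependencies", "optionalDependencies",
            "peerDependencies")


def npm_registry_has(name):
    """True if the public npm registry serves metadata for `name`."""
    url = "https://registry.npmjs.org/" + urllib.parse.quote(name, safe="@")
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            return resp.status == 200
    except urllib.error.HTTPError as err:
        if err.code == 404:
            return False
        raise  # any other failure must not be read as "unregistered"


def unclaimed_dependencies(manifest_text, is_registered=npm_registry_has):
    """Return sorted dependency names the registry lookup reports as unclaimed."""
    manifest = json.loads(manifest_text)
    unclaimed = set()
    for section in SECTIONS:
        for name, spec in (manifest.get(section) or {}).items():
            if str(spec).startswith(NON_REGISTRY_PREFIXES):
                continue  # resolved from git, a URL or the local filesystem
            if not is_registered(name):
                unclaimed.add(name)
    return sorted(unclaimed)


# Constructed sample manifest and a constructed stand-in for the registry.
SAMPLE = json.dumps({
    "name": "example-app",
    "dependencies": {"express": "^4.18.2", "acme-internal-utils": "1.2.0",
                     "local-lib": "file:../local-lib"},
    "devDependencies": {"@acme/build-tools": "^2.0.0", "jest": "^29.0.0"},
})
KNOWN_PUBLIC = {"express", "jest"}

if __name__ == "__main__":
    print(unclaimed_dependencies(SAMPLE, is_registered=KNOWN_PUBLIC.__contains__))
```

Names it reports are the ones to move under a scope you own and to pin to your private registry in `.npmrc`, so the package manager never resolves them from the public registry.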
Hossam mesbah
Ahmed ibrahim