1.0.1 • Published 8 months ago
@rabobankk/cool-internal-lib v1.0.1
NPM Namespace Typosquatting Demo
This repository contains a Node application that has the "rabobankk" scope (owned by us), to be able to demonstrate namespace typosquatting scenarios.
Building & Distributing
npm publish --access public
Attack scenario
Install the npm:
npm install @rabobankk/cool-internal-lib
When the npm for this application is installed, it places a file called hacker-was-here.txt
in its own directory in node_modules
. There is no need to create or run an application that uses this npm.
1.0.1
8 months ago