0.0.3 • Published 10 months ago
@stepsec/malware-simulator v0.0.3
Malware-Simulator Package
To simulate behavior of past compromised packages, StepSecurity has created a package called @stepsec/malware-simulator. The simulator is NOT actual malware; the package just makes an outbound call to stepsec.github.io in a preinstall
step
This package can be used by developers to:
- Understand how malicious packages make outbound calls as part of the install steps
- How the Harden-Runner GitHub Action can find this behavior (tutorial)
- Use as a test package for your applications – to check if defenses are working as expected
You can think of the @stepsec/malware-simulator being similar to the EICAR anti-virus simulator file, which is used as a test file for anti-virus software.
0.0.3
10 months ago