Compare the contents of your hosted and proxy repositories for coordinate collisions

Related tags

Networkingrepo-diff
Overview

Nexus Repository Manager dependency/namespace confusion checker

This repository contains a script to check if you have artifacts containing the same name between your repositories. This can be used to check if you're affected by a Dependency Confusion Attack

For example

npm-hosted has packages published with the @mycompany/[email protected]
npm-proxy has a package called @mycompany/[email protected]

This would be a match.

Requirements

  • Python3
  • NXRM3 OSS or PRO

Instructions

Step 1: Customise values in repo-diff.py

You'll need to modify the script to include

  1. Auth creds or tokens from your NXRM3.
  2. URL to your Nexus
  3. Repositories to compare in REPOS. e.g. to compare ruby and npm hosted to their proxies
REPOS = {
    # hosted: proxy
    "ruby-hosted": "ruby-proxy",
    "npm-hosted": "npm-group-proxy"
}

You'll find examples of all in the script.

Step 2: Create new virtual environment

python3 -m venv my-venv

Step 3: Activate your virtual environment

Do this in your terminal or by using your favorite IDE

Windows

my-venv\Scripts\activate.bat

MacOs *NIX Linux

source my-venv/bin/activate

Step 4: Install dependencies

pip install -r requirements.txt

Step 5: Run script

To run the script simply type - results will be printed out to stdout and can be piped to a file for later use.

 python3 repo-diff.py
Owner
Sonatype Community
Community projects meant for the Sonatype Nexus Platform. Affiliated with Sonatype, but inclusive of work our community has done!
Sonatype Community
GitHub Repository
A Network tool kit for scanning active IP addresses and open ports

Network scanner A small project that I wrote on the fly for (IT351) Computer Networks University Course to identify and label the devices in my networ

Mohamed Abdelrahman 10 Nov 07, 2022
Desktop application for checking sites connection in a background mode

Site connectivity checker Desktop application for checking site connection in a background mode by sending ICMP messages. Problem and solution Usually

Karina Singatullina 26 Dec 19, 2022
Arp Spoofer using Python 3.

ARP Spoofer / Wifi Killer By Auax Run: Run the application with the following command: python3 spoof.py -t target_ip_address -lh host_ip_address I

Auax 6 Sep 15, 2022
Get Your Localhost Online - Ngrok Alternative

Get Your Localhost Online - Ngrok Alternative

Azimjon Pulatov 442 Jan 04, 2023
Distribute a portion of your yield to other addresses 💙

YSHARE Distribute a portion of your yield to other addresses. How does it work Desposit your yToken or tokens into this contract Set the benificiaries

11 Nov 24, 2021
A Python library to ease the integration with the Beem Africa (SMS, AIRTIME, OTP, 2WAY-SMS, BPAY, USSD)

python-client A Python library to easy the integration with the Beem Africa SMS Gateway Features to be Implemented Airtime OTP SMS Two way SMS USSD Bp

Beem Africa 24 Oct 29, 2022
Python module to interface with Tuya WiFi smart devices

TinyTuya Python module to interface with Tuya WiFi smart devices Description This python module controls and monitors Tuya compatible WiFi Smart Devic

Jason Cox 365 Dec 26, 2022
An ftp syncing python package that I use to sync pokemon saves between my hacked 3ds running ftpd and my server

Sync file pairs over ftp and apply patches to them. Useful for using ftpd to transfer ROM save files to and from your DS if you also play on an emulator. Setup a cron job to check for your DS's ftp s

17 Jan 04, 2023
A TrueCharts automatic and bulk update utility

trueupdate A TrueCharts automatic and bulk update utility How to install run pip install trueupdate Please be aware you will need to reinstall after e

TrueCharts 125 Jan 04, 2023
The can package provides controller area network support for Python developers

python-can The Controller Area Network is a bus standard designed to allow microcontrollers and devices to communicate with each other. It has priorit

Brian Thorne 904 Dec 29, 2022
GlokyPortScannar is a really fast tool to scan TCP ports implemented in Python.

GlokyPortScannar is a really fast tool to scan TCP ports implemented in Python. Installation: This program requires Python 3.9. Linux

gl0ky 5 Jun 25, 2022
Socket Based Backdoor and Listener

The Project is mainly based on Sockets , File Handling and subprocess library for Creating backdoors For Hacking into one's Computer (Any OS-Platform Service) and listening on your computer and waiti

Shivansh Mehta 3 May 31, 2021
🎥 PYnema is a simple UDP server written in python, allows you to watch downloaded videos.

🎥 PYnema is a simple UDP server written in python, allows you to watch downloaded videos.

Jan Kupczyk 1 Jan 16, 2022
A simple, configurable application and set of services to monitor multiple raspberry pi's on a network.

rpi-info-monitor A simple, configurable application and set of services to monitor multiple raspberry pi's on a network. It can be used in a terminal

Kevin Kirchhoff 11 May 22, 2022
Dos attack a Bluetooth connection!

Bluetooth Denial of service Script made for attacking Bluetooth Devices By Samrat Katwal. Warning This project was created only for fun purposes and p

Samrat 1 Oct 29, 2021
NetMiaou is an crossplatform hacking tool that can do reverse shells, send files, create an http server or send and receive tcp packet

NetMiaou is an crossplatform hacking tool that can do reverse shells, send files, create an http server or send and receive tcp packet

TRIKKSS 5 Oct 05, 2022
An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data.

ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputatio

CRED 225 Dec 31, 2022
The AKS cluster provisioner provisions AKS clusters :-)

Overview The AKS cluster provisioner provisions AKS clusters :-) It uses the Azure CLI to configure VNet and subnets before creating the cluster itsel

Gigi Sayfan 1 Nov 10, 2021
Tool written on Python that locate all up host on your subnet

HOSTSCAN Easy to use command line network host scanner. From noob to noobs. Dependencies Nmap 7.92 or superior Python 3.9 or superior All requirements

NexCreep 4 Feb 27, 2022
Simple Port Scanner With Socket Module In Python 3x

PortScanner Simple Port Scanner With Socket Module In Python 3x How To Install Requirements Of This Port Scanner sudo apt install python3;sudo apt ins

1 Nov 23, 2021