Comfy-Org/cbyrne-custom-nodes-security-scan

73 Bandit Tests

Test ID Test Name
B101 assert_used
B102 exec_used
B103 set_bad_file_permissions
B104 hardcoded_bind_all_interfaces
B105 hardcoded_password_string
B106 hardcoded_password_funcarg
B107 hardcoded_password_default
B108 hardcoded_tmp_directory
B110 try_except_pass
B112 try_except_continue
B113 request_without_timeout
B201 flask_debug_true
B202 tarfile_unsafe_members
B301 pickle
B302 marshal
B303 md5
B304 ciphers
B305 cipher_modes
B306 mktemp_q
B307 eval
B308 mark_safe
B310 urllib_urlopen
B311 random
B312 telnetlib
B313 xml_bad_cElementTree
B314 xml_bad_ElementTree
B315 xml_bad_expatreader
B316 xml_bad_expatbuilder
B317 xml_bad_sax
B318 xml_bad_minidom
B319 xml_bad_pulldom
B320 xml_bad_etree
B321 ftplib
B323 unverified_context
B324 hashlib_insecure_functions
B401 import_telnetlib
B402 import_ftplib
B403 import_pickle
B404 import_subprocess
B405 import_xml_etree
B406 import_xml_sax
B407 import_xml_expat
B408 import_xml_minidom
B409 import_xml_pulldom
B410 import_lxml
B411 import_xmlrpclib
B412 import_httpoxy
B413 import_pycrypto
B415 import_pyghmi
B501 request_with_no_cert_validation
B502 ssl_with_bad_version
B503 ssl_with_bad_defaults
B504 ssl_with_no_version
B505 weak_cryptographic_key
B506 yaml_load
B507 ssh_no_host_key_verification
B508 snmp_insecure_version
B509 snmp_weak_cryptography
B601 paramiko_calls
B602 subprocess_popen_with_shell_equals_true
B603 subprocess_without_shell_equals_true
B604 any_other_function_with_shell_equals_true
B605 start_process_with_a_shell
B606 start_process_with_no_shell
B607 start_process_with_partial_path
B608 hardcoded_sql_expressions
B609 linux_commands_wildcard_injection
B610 django_extra_used
B611 django_rawsql_used
B612 logging_config_insecure_listen
B701 jinja2_autoescape_false
B702 use_of_mako_templates
B703 django_mark_safe

30 Blacklisted Python Imports

Package Name Test ID
telnetlib B401
ftplib B402
httpoxy B412
pycrypto B413
pyghmi B415
paramiko B601
subprocess B602
pip B816
tarfile B817
zipfile B818
importlib B819
imp B820
pkgutil B821
runpy B822
ctypes B823
os.system B824
pty B825
requests.urlib B826
http.server B827
pickle B403
subprocess B404
xml.etree B405
xml.sax B406
xml.expat B407
xml.minidom B408
xml.pulldom B409
lxml B410
xmlrpclib B411

3294 Yara Tests

| Source | Test Name | File | License |
| --- | --- | --- | --- |
| telekom-security | teabot.yar | source | Unknown |
| jpcertcc | jpcertcc-malconfscan-rule.yara | source | Unknown |
| citizenlab | t5000.yara | source | Unknown |
| malware-families | steganography.yar | source | Unknown |
| binaryalert | eicar.yara | source | Apache License 2.0 |
| red_team_tool_countermeasures | HackTool_PY_ImpacketObfuscation_2.yar | source | Unknown |
| fsf-compressed | ft_elf.yara | source | Apache License 2.0 |
| anyrun | FakeCheck.yar | source | Unknown |
| malpedia | win.winordll64_auto.yar | source | Unknown |
| gcti | Sliver__Implant_64bit.yara | source | Apache License 2.0 |
| elastic-security | Linux_Ransomware_Conti.yar | source | Unknown |
| threat-intel | yara.yar | source | Unknown |
| trojans | arkei_stealer.yara | source | MIT License |
| alienvaultlabs | sandboxdetect.yar | source | Unknown |
| aa-comfy-nodes-rules | dangerous_sites.yar | source | Unknown |
| jipegit | Shylock.yar | source | Unknown |
| cyberdefenses | u34.yar | source | MIT License |
| security-magic | JupyterPS.yar | source | Unknown |
| cyber-defence | authenticode_anomalies.yara | source | Unknown |
| tenable | pas_web_kit.yar | source | Unknown |
| conventionengine | ConventionEngine.yar | source | Unknown |
| trellix-atr | Trojan_CoinMiner.yar | source | Apache License 2.0 |
| intezer | Rekoobe.yar | source | MIT License |
| eset | badiis.yar | source | BSD 2-Clause "Simplified" License |
| advanced-threat-detection | Trojan_CoinMiner.yar | source | Apache License 2.0 |
| si-falcon | windows_misc.yar | source | Unknown |
| reversinglabs | Win32.Ransomware.CryptoWall.yara | source | MIT License |
| yarasigs-x64dbg | crypto_signatures.yara | source | Unknown |
| f0wl | deathransom.yar | source | MIT License |
| delivr-to | html_wasm.yar | source | Unknown |
| unprotect | findcrypt.yar | source | Unknown |
| deadbits | DNSpionage.yara | source | Unknown |

See all 3294 Yara Tests

808256 Blacklisted (2022+) IPs


 

Usage

Note: Requires Linux.

```bash
git clone https://github.com/christian-byrne/custom-nodes-security-scan.git
sudo apt install firejail yara rar
cd custom-nodes-security-scan
python3 -m venv venv && source venv/bin/activate
pip install -r requirements.txt
vim config.json
chmod +x ./scan.sh
./scan.sh
```

Adding Tests and Blacklists

| Test Type | Process to Add |
| --- | --- |
| Add blacklisted python call | Edit `scan/bandit/blacklists/calls.py` |
| Add blacklisted python import | Edit `scan/bandit/blacklists/imports.py` |
| Add blacklisted websites/domains/IPs | Edit `scan/yara/yara-rules/aa-comfy-nodes-rules/dangerous-sites.yar` |
| Add custom tests for python code | Write `.py` tests and add to `scan/bandit/plugins` |
| Add custom yara rules | Write `.yara` tests and add to `scan/yara/yara-rules/aa-comfy-nodes-rules` |

 
