Hackers of India


Packj Flags Malicious/Risky Open-Source Packages


Ajinkya Rajput, Devdutt Patnaik



From https://github.com/ossillate-inc/packj

Packj (pronounced package) is a tool that helps mitigate software supply chain attacks. It can detect malicious, vulnerable, abandoned, typo-squatting, and other “risky” packages from popular open-source package registries, such as NPM, RubyGems, and PyPI. It can be easily customized to minimize noise. Packj started as a PhD research project and is currently being developed under various government grants.

List of Sessions


---- Talk ----
---- 2022 ----

---- Tool Demo ----
---- 2022 ----