Skip to content
/ nasty-gem-finder Public

A quick ruby script to check for Gems on recent malicious gem list

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Michael-Wayne-Wells/nasty-gem-finder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
.customcommand.sh
.customcommand.sh
 
 
Gemfile
Gemfile
 
 
README.md
README.md
 
 
app.rb
app.rb
 
 
art.txt
art.txt
 
 
fileToScan
fileToScan
 
 
ruby_malicious_gems.txt
ruby_malicious_gems.txt
 
 

Repository files navigation

nasty-gem-finder

A quick ruby script to check for Gems on recent malicious gem list

More information here:

https://blog.reversinglabs.com/blog/mining-for-malicious-ruby-gems

To run:

  • clone repo:

git clone https://github.com/Michael-Wayne-Wells/nasty-gem-finder.git

  • CD into and install
cd nasty-gem-finder
bundle install
chmod +x .customcommand.sh
source .customcommand.sh

  • Add contents of the Gemfile, Gemfile.lock, or results gem list ran in your projects directory into the fileToTest file by copy and pasting

  • Add more names of malicous gems by running malgem command followed by as many arguments as needed seperated by spaces:

malgem EXAMPLEGEM1 EXAMPLEGEM2 EXAMPLEGEM3

  • Run it!

ruby app.rb

About

A quick ruby script to check for Gems on recent malicious gem list

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages