PP-Auto-Detector

Team NodeBoB Prototype Pollution Auto Detection Tool in Node.js npm package.

How does it work?

node pp.js

This tool detects prototype pollution in Node.js npm package.

It goes...

get npm package lists by keyword(you can change keywords and starting index)
install package.
check prototype pollution in the package.
delete package.
repeat 2-4 for package lists we got.

CVE

CVE-2023-45827
- https://github.com/clickbar/dot-diver/security/advisories/GHSA-9w5f-mw3p-pj47
CVE-2024-23339
- https://github.com/elijahharry/hoolock/security/advisories/GHSA-4c2g-hx49-7h25
30+ undisclosed pp vulnerability

Credits

Team : NodeBoB

최지혁 ( Jihyeok Choi )

이동하 ( Lee Dong Ha of ZeroPointer Lab )

강성현 ( kang seonghyeun )

박성진 ( sungjin park )

김찬호 ( Chanho Kim )

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
Dockerfile		Dockerfile
README.md		README.md
crawl.js		crawl.js
pp.js		pp.js
singlepackage_pp.js		singlepackage_pp.js

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

PP-Auto-Detector

Contents

How does it work?

CVE

Credits

About

Uh oh!

Releases

Packages

Languages

d3ng03/PP-Auto-Detector

Folders and files

Latest commit

History

Repository files navigation

PP-Auto-Detector

Contents

How does it work?

CVE

Credits

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages