🔍
CSAPP
  • 🔍CSAPP
  • Overview
    • 💡Why??
    • ✨Features
      • ⛏️pypi_data_harvest.py
      • 🗃️pypi_package_validator.py
      • 🎯audit_pypi_info_db.py
  • Fundamentals
    • 🛠️Getting set up
  • Web App Walkthrough
    • 🏠Homepage
    • 🧐Explore Page
  • Threat Hunting
    • 📔PyPI's Terms of Use
    • ❔Useful SQL Queries
    • 🕵️‍♂️Analyzing A Python Package
    • 👾Malicious Package Techniques
    • 🎯Hunting Tips
Powered by GitBook
On this page

Last updated 1 year ago

Streamlit is used to host a local web app on your machine that provides a user interface with the data set.

Before installing CSAPP, you can demo the user interface with a sample of the data set on Streamlit.io -->

Knowledge Prerequisites

To use this tool effectively, you may need to have:

  • a basic understanding of Python

  • be familiar with how functions

  • know code techniques adversaries implement in malicious packages

  • understand how adversaries trick users into downloading their malicious package

  • a basic understanding of data analysis

  • be able to write a simple SQL query

Threat Hunting For Malicious Packages

Start by installing CSAPP locally, follow the instructions.

Read through the to get familiar with the user interface.

Read through to understand what attackers are doing.

Run some of the SQL queries documented, .

Start

Did you know PyPI will remove packages that don't contain malware? Read up on what PyPI considers an invalid package in .

  • Knowledge Prerequisites
  • Threat Hunting For Malicious Packages
csapp-adamcysec.streamlit.app
PyPI.org
Getting set up
Web App Walkthrough
Malicious Package Techniques
Useful SQL Queries
Analyzing Python Packages
PyPI's Terms of Use
PreviousWhy??Nextpypi_data_harvest.py
  1. Overview

✨Features

Interacting with CSAPP's data set involves using Streamlit