eth-phishing-detect
betterscan-ce
| eth-phishing-detect | betterscan-ce | |
|---|---|---|
| 23 | 34 | |
| 959 | 683 | |
| 1.9% | - | |
| 10.0 | 7.3 | |
| 4 days ago | 21 days ago | |
| JavaScript | Python | |
| GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
eth-phishing-detect
-
MATRIX ABYSS SCAM (SCAMS ON UPWORK)
The project is called MATRIX ABYSS, but their website is https://abyssmatrix.world. When I looked up https://matrixabyss.world/ there is an error saying that this website has been flagged for phishing, by metamask eth-phishing-detect. Super sus.
- Collectively growing mainstream media and useless creator's blacklist.
- Blocked website legitimate website.
-
Daily General Discussion - December 10, 2022
This was an issue with Metamask's fuzzy filtering, see here. The issue has been resolved, and it's been plenty of time for the change to propagate around. Not sure if you need to update your Metamask or clear your cache or something. Unfortunate that it's still causing trouble.
-
Testing my new hot wallet on a live phishing site
MetaMask already has a blacklist for phishing websites: https://github.com/MetaMask/eth-phishing-detect
-
Asking for feedback about my business website
Yea, no idea why: https://github.com/MetaMask/eth-phishing-detect/issues/7876
-
Junoswap: Metamask Phishing Detection System??
they added sudoswap to their fuzzy list https://github.com/MetaMask/eth-phishing-detect/pull/7633 and that caused issues with other domains with "swap" in the name
- They admit it's a scam.
-
Show HN: We made an open-source personalization engine
According to the code on https://github.com/MetaMask/eth-phishing-detect/blob/45ea5cf..., looks like that everything within Levenstein distance of 3 from whitelisted hosts (like "metamask.*") is blocked.
Metarank and Metamask have the distance of 3. I've made a ticket some time ago in their github repo (https://github.com/MetaMask/eth-phishing-detect/issues/6855), but it seems that it was lost in thousands of similar tickets.
-
Daily General Discussion - January 30, 2022
Do you have an old version of Metamask? That site was accidentally picked up by a blacklist regex but was whitelisted again back in october - https://github.com/MetaMask/eth-phishing-detect/pull/5563
betterscan-ce
-
Cloud and Code Security - betterscan.io
More on the website: www.betterscan.io
-
Do you SLSA or SBOM in your SDLC?
Maybe you will find https://github.com/marcinguy/betterscan-ce useful (scans SBOMs and Dependencies, apart from Code and IaC).
-
SBOM and dependencies check tool and vulnerabilities database from Google
P.S I also added it to my Security Automation/Orchestration project, it was missing there: https://github.com/marcinguy/betterscan-ce Hope it helps somebody.
-
Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history
Congrats on release. Feel free to check out https://github.com/marcinguy/betterscan-ce It is not that fast, but detects 166+ secret types (modified trufflehog3) and also bugs and vulnerabilities in Code and Cloud setups.
-
OpenSSL 3.0.7 Published
If you want to scan binary to see if this uses vulnerable version, use this YARA rule: https://github.com/marcinguy/betterscan-ce/blob/master/analy...
Courtesy of Akamai.
If you don't know YARA tool, you can run this command in the folder where your binary is (it will install everything needed):
sh <(curl https://dl.betterscan.io/cli.sh)
Hope that helps somebody
-
Text4shell CVE-2022-42889 scan
More: https://github.com/marcinguy/betterscan-ce
- Asking for feedback about my business website
- PMD Apex Code Scanner with integration with CLI output (HTML, JSON, Terminal) or Platform
- Open Source (with Professional paid version) Apex Scanning Tool for Salesforce for Security, Quality and Best practices using PMD with many other checks (incl. secrets)
- Checkov + Kubescape + Code checks unified in one interface/UI or output
What are some alternatives?
ZeroNet - ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network
awesome-guidelines - A curated list of high quality coding style conventions and standards.
metarank - A low code Machine Learning personalized ranking service for articles, listings, search results, recommendations that boosts user engagement. A friendly Learn-to-Rank engine
osv-scanner - Vulnerability scanner written in Go which uses the data provided by https://osv.dev
airdrop-addresses
noseyparker - Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
clarion
ThreatPlaybook - A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
RetroShare - RetroShare is a Free and Open Source cross-platform, Friend-2-Friend and secure decentralised communication platform.
CVE-2022-3602
teku - Open-source Ethereum consensus client written in Java
osv.dev - Open source vulnerability DB and triage service.