npx skills add mukul975/Anthropic-Cybersecurity-SkillsMITRE ATT&CK
When to Use
- Auditing project dependencies to identify packages whose names are suspiciously similar to popular libraries
- Proactively scanning package registries for newly published packages that may be typosquats of your organization's packages
- Investigating a suspected supply chain compromise where a developer installed a misspelled package name
- Building automated monitoring that alerts when new packages appear with names close to critical dependencies
- Assessing the risk profile of unfamiliar packages before adding them to a project's dependency tree
Do not use as the sole determination of malicious intent; name similarity alone does not prove a package is malicious. Do not use for bulk automated takedown requests without manual review of flagged packages. Do not use against private registries without authorization.
Prerequisites
- Python 3.9+ with
requestsandpython-Levenshtein(orrapidfuzz) packages installed - Network access to
https://pypi.org/pypi/<package>/json(PyPI JSON API) andhttps://registry.npmjs.org/<package>(npm registry API) - A list of popular or critical packages to monitor (e.g., top 1000 PyPI packages, organization's dependency list)
- Understanding of common typosquatting patterns: character omission, transposition, insertion, substitution, and hyphen/underscore manipulation
Workflow
Step 1: Build the Target Package Watchlist
Establish the set of legitimate packages to monitor for typosquats:
- Extract project dependencies: Parse
requirements.txt,Pipfile.lock,package.json, orpackage-lock.jsonto extract all direct and transitive dependency names - Include popular packages: Supplement with high-value targets from the top 1000 PyPI downloads (available from
https://hugovk.github.io/top-pypi-packages/) or top npm packages by download count - Add organization packages: Include any packages published by your organization that attackers might target with typosquats to intercept internal installations
- Normalize names: PyPI treats hyphens, underscores, and periods as equivalent (PEP 503 normalization:
re.sub(r"[-_.]+", "-", name).lower()). npm package names are case-sensitive but scoped packages use@scope/nameformat. Normalize before comparison.
Step 2: Generate Candidate Typosquat Names
Produce potential typosquat variants for each target package:
- Character omission: Remove each character one at a time (
requests->rquests,requets,reqests) - Character transposition: Swap adjacent characters (
requests->erquests,rqeuests,reques ts) - Character substitution: Replace characters with keyboard-adjacent keys using a QWERTY distance map (
requests->rrquests,requesta) - Character insertion: Insert common characters at each position (
requests->rrequests,reqquests) - Separator manipulation: For hyphenated names, try removing, doubling, or replacing separators (
my-package->mypackage,my--package,my_package) - Common prefix/suffix attacks: Prepend or append common strings (
python-requests,requests-python,requests2,requests-lib)
Step 3: Query Registry APIs for Candidate Packages
Check whether generated candidate names actually exist in the registry:
- PyPI JSON API: Send
GET https://pypi.org/pypi/<candidate>/jsonfor each candidate. A200response means the package exists;404means it does not. Extract from the response:info.name,info.version,info.author,info.summary,info.home_page,info.project_urls, andreleases(keyed by version withupload_time_iso_8601timestamps). - npm registry API: Send
GET https://registry.npmjs.org/<candidate>withAccept: application/json. Extract:name,description,dist-tags.latest,time.created,time.modified,maintainers, andversions. - Rate limiting: PyPI has no published rate limits but respect reasonable request rates (1-2 requests/second). npm registry returns
429when rate limited; implement exponential backoff. - Batch optimization: For large candidate lists, parallelize requests with connection pooling (
requests.Session) and limit concurrency to avoid triggering abuse protections.
Step 4: Analyze Package Metadata for Suspicion Signals
Score each existing candidate package against multiple heuristic signals:
- Levenshtein distance: Calculate the edit distance between the candidate name and the target. Packages with distance 1-2 from a popular package are high-priority suspects. Historical analysis shows 18 of 40 known typosquats had Levenshtein distance of 2 or less from their targets.
- Publish date recency: Compare the candidate's first publish date against the target's. A package created years after its near-namesake is more suspicious. Flag packages created within the last 90 days that are similar to packages published years ago.
- Download count disparity: Compare weekly downloads. Legitimate similarly-named packages typically have comparable or explainable download counts. A package with 50 downloads versus its near-namesake with 5 million downloads is suspicious. PyPI download stats are available via BigQuery (
pypistats.org/api/); npm provides download counts athttps://api.npmjs.org/downloads/point/last-week/<package>. - Author and maintainer analysis: Check if the candidate package author matches the legitimate package author. Different authors for near-identical names increase suspicion.
- Description similarity: Compare package descriptions. Typosquats frequently copy or closely paraphrase the target package description to appear legitimate.
- Version count: Legitimate packages typically have many versions over time. A package with only 1-2 versions and a name similar to a popular package is suspicious.
- Repository URL analysis: Check if the candidate links to the same repository as the target (likely legitimate fork/mirror) or has no repository URL (suspicious).
Step 5: Score, Rank, and Report Findings
Combine signals into a composite risk score and generate an actionable report:
- Weighted scoring: Assign weights to each signal. Example: Levenshtein distance 1 = 40 points, Levenshtein distance 2 = 25 points, created < 90 days ago = 15 points, download ratio < 0.001 = 15 points, different author = 10 points, single version = 5 points. Total score out of 100.
- Threshold classification: Score >= 70: HIGH risk (likely typosquat), 40-69: MEDIUM risk (requires manual review), < 40: LOW risk (likely legitimate)
- Generate report: For each flagged package, include the target it mimics, all signal values, the composite score, direct links to both packages on the registry, and a recommendation (block, investigate, or allow)
- Actionable output: Produce a blocklist of flagged package names that can be imported into package manager deny-lists, CI/CD policy engines, or artifact repository proxy rules
Key Concepts
| Term | Definition |
|---|---|
| Typosquatting | Registering a package name that closely resembles a popular package, exploiting common typos to trick developers into installing malicious code |
| Levenshtein Distance | The minimum number of single-character edits (insertions, deletions, substitutions) required to transform one string into another; the primary metric for measuring name similarity |
| Dependency Confusion | A broader supply chain attack where attackers publish malicious packages to public registries with names matching private internal packages, exploiting package manager resolution order |
| PEP 503 Normalization | The Python packaging specification that treats hyphens, underscores, and periods as equivalent in package names, meaning my-package, my_package, and my.package resolve to the same package |
| QWERTY Distance | A keyboard-layout-aware distance metric measuring how far apart two keys are on a standard keyboard, used to detect substitutions from adjacent key mistyping |
| Combosquatting | A variant of typosquatting where attackers prepend or append common words to a package name (e.g., requests-security, python-requests) |
| StarJacking | An attack where a typosquat package links its repository URL to the legitimate package's GitHub repository to inflate apparent credibility |
Tools & Systems
- PyPI JSON API: REST API at
https://pypi.org/pypi/<package>/jsonreturning package metadata including name, author, versions, upload timestamps, and project URLs - npm Registry API: REST API at
https://registry.npmjs.org/<package>returning package metadata including maintainers, version history, creation timestamps, and distribution info - python-Levenshtein / rapidfuzz: Python libraries for fast string distance computation, supporting Levenshtein, Damerau-Levenshtein, Jaro-Winkler, and other similarity metrics
- pypistats.org API: Provides download statistics for PyPI packages, enabling download count comparison between suspected typosquats and their targets
- npm download counts API: Endpoint at
https://api.npmjs.org/downloads/point/<period>/<package>providing download statistics for npm packages
Common Scenarios
Scenario: Auditing a Python Project for Typosquatted Dependencies
Context: A security team discovers that a developer's workstation was compromised after installing a Python package. The incident response team needs to audit all project dependencies for potential typosquats and establish ongoing monitoring.
Approach:
- Parse
requirements.txtandPipfile.lockto extract all 87 direct and transitive dependencies - Generate typosquat candidates for each dependency using character omission, transposition, substitution, and separator manipulation, producing approximately 2,400 candidate names
- Query the PyPI JSON API for each candidate, finding 34 that actually exist as published packages
- Score each existing candidate: 3 packages score above 70 (HIGH risk) with Levenshtein distance 1, created within the last 60 days, single version, and fewer than 100 downloads
- Manual review confirms 2 of the 3 are malicious typosquats containing obfuscated code that exfiltrates environment variables during installation
- Block the malicious packages in the organization's artifact proxy, report to PyPI for takedown via
security@pypi.org, and add all 87 dependencies to the ongoing monitoring watchlist - Implement the detection agent as a scheduled CI job that runs weekly and alerts on new HIGH-risk findings
Pitfalls:
- Not normalizing PyPI package names per PEP 503 before comparison, causing missed matches between hyphenated and underscored variants
- Setting the Levenshtein distance threshold too low (only 1) and missing typosquats at distance 2 that use double substitutions
- Relying solely on name similarity without checking metadata signals, leading to high false positive rates on legitimately similar package names
- Not accounting for npm scoped packages (
@scope/name) which have different naming rules than unscoped packages - Querying the registries too aggressively and getting rate-limited or IP-blocked
Output Format
## Typosquatting Detection Report
**Scan Date**: 2026-03-19
**Registry**: PyPI
**Packages Monitored**: 87
**Candidates Generated**: 2,412
**Candidates Found in Registry**: 34
**Flagged as Suspicious**: 5
### HIGH Risk (Score >= 70)
| Suspect Package | Target Package | Levenshtein | Created | Downloads | Score |
|----------------|---------------|-------------|---------|-----------|-------|
| reqeusts | requests | 1 | 2026-02-28 | 43 | 92 |
| requsets | requests | 1 | 2026-03-01 | 12 | 88 |
| numpyy | numpy | 1 | 2026-01-15 | 67 | 78 |
### Recommendation
- BLOCK: reqeusts, requsets, numpyy (add to artifact proxy deny-list)
- REPORT: Submit malware reports to security@pypi.org with package names and evidence
- MONITOR: Continue weekly scans for the full dependency watchlistReferences and resources
Everything below is rendered for inspection. Script files are read-only and never run.
References 1
api-reference.md5.5 KB
API Reference: Typosquatting Detection Agent for npm and PyPI
Overview
Detects typosquatting attacks in npm and PyPI package registries by generating candidate typosquat names using string manipulation techniques, querying registry APIs to check which candidates exist, and scoring each against multiple heuristic signals including Levenshtein distance, publish date recency, download count disparity, author mismatch, and version count. Produces risk-scored reports for security review.
Dependencies
| Package | Version | Purpose |
|---|---|---|
| requests | >=2.28 | HTTP requests to PyPI and npm registry APIs |
| python-Levenshtein | >=0.21 | Fast Levenshtein distance computation (optional; pure-Python fallback included) |
| rapidfuzz | >=3.0 | Alternative fast string distance library (optional) |
CLI Usage
# Scan for typosquats of a single PyPI package
python agent.py scan requests --registry pypi
# Scan for typosquats of an npm package
python agent.py scan express --registry npm
# Scan with limited candidate count
python agent.py scan numpy --registry pypi --max-candidates 50
# Scan all dependencies in a requirements file
python agent.py scan-file requirements.txt --registry pypi
# Scan all dependencies in a package.json
python agent.py scan-file package.json --registry npm
# Check a specific candidate against a target
python agent.py check reqeusts requests --registry pypi
# Generate typosquat candidates without querying registries
python agent.py generate requests
# Custom output path
python agent.py scan flask --registry pypi --output flask_typosquat_report.jsonArguments
| Argument | Required | Description |
|---|---|---|
command |
Yes | Subcommand: scan, scan-file, check, generate |
package |
For scan/generate | Target package name to analyze |
file |
For scan-file | Path to requirements.txt, package.json, or similar |
candidate |
For check | Candidate package name to evaluate |
target |
For check | Legitimate target package name to compare against |
--registry |
No | Registry to scan: pypi or npm (default: pypi) |
--max-candidates |
No | Maximum number of candidates to check per package |
--output |
No | Output report path (default: typosquat_report.json) |
Key Functions
generate_typosquat_candidates(name)
Generates potential typosquat variants using character omission, transposition, duplication, QWERTY keyboard-adjacent substitution, separator manipulation, and common prefix/suffix combosquatting. Returns a sorted list of unique candidate strings.
query_pypi_package(name, delay)
Queries GET https://pypi.org/pypi/<name>/json and parses name, version, author, summary, version count, and first/latest upload timestamps from the response. Returns None for non-existent packages (HTTP 404).
query_npm_package(name, delay)
Queries GET https://registry.npmjs.org/<name> and parses name, description, maintainers, version count, created/modified timestamps, license, and repository URL. Handles HTTP 429 rate limiting with exponential backoff.
get_pypi_downloads(name)
Queries https://pypistats.org/api/packages/<name>/recent to retrieve last-week download count for download disparity analysis.
get_npm_downloads(name)
Queries https://api.npmjs.org/downloads/point/last-week/<name> to retrieve last-week download count.
compute_suspicion_score(candidate_meta, target_meta, target_name, registry)
Computes a weighted suspicion score (0-100) combining six signals: Levenshtein distance (up to 40pts), publish recency (up to 15pts), download ratio (up to 15pts), different author (10pts), low version count (5pts), and missing repository URL (5pts). Returns the score and a signal breakdown dictionary.
classify_risk(score)
Maps composite score to risk level: HIGH (>=70), MEDIUM (40-69), LOW (<40).
scan_package(target_name, registry, max_candidates)
End-to-end scan: fetches target metadata, generates candidates, queries registry for each, scores existing candidates, and returns ranked results sorted by descending score.
scan_dependency_file(filepath, registry, max_candidates_per_pkg)
Parses a dependency file (requirements.txt, package.json, Pipfile), extracts package names, and runs scan_package for each. Returns aggregated results with high/medium/low summary counts.
normalize_pypi_name(name)
Normalizes PyPI package names per PEP 503: replaces hyphens, underscores, and periods with a single hyphen and lowercases the result.
Registry API Endpoints Used
| Endpoint | Method | Purpose |
|---|---|---|
https://pypi.org/pypi/<name>/json |
GET | PyPI package metadata (info, releases, URLs) |
https://registry.npmjs.org/<name> |
GET | npm package metadata (versions, time, maintainers) |
https://pypistats.org/api/packages/<name>/recent |
GET | PyPI download statistics |
https://api.npmjs.org/downloads/point/last-week/<name> |
GET | npm download statistics |
Scoring Weights
| Signal | Condition | Points |
|---|---|---|
| Levenshtein distance | Distance = 1 | 40 |
| Levenshtein distance | Distance = 2 | 25 |
| Levenshtein distance | Distance = 3 | 10 |
| Publish recency | Created <= 90 days ago | 15 |
| Publish recency | Created <= 180 days ago | 8 |
| Download ratio | candidate/target < 0.001 | 15 |
| Download ratio | candidate/target < 0.01 | 8 |
| Author mismatch | Different author/maintainer | 10 |
| Version count | <= 2 versions | 5 |
| Repository URL | Missing | 5 |
Scripts 1
agent.py19.8 KB
#!/usr/bin/env python3
"""Typosquatting Detection Agent - Detects typosquatting packages in npm and PyPI
registries using Levenshtein distance analysis, publish date heuristics, and
download count anomalies."""
import json
import logging
import argparse
import re
import time
from datetime import datetime, timezone
from pathlib import Path
import requests
try:
from Levenshtein import distance as levenshtein_distance
except ImportError:
# Fallback pure-Python Levenshtein implementation
def levenshtein_distance(s1, s2):
if len(s1) < len(s2):
return levenshtein_distance(s2, s1)
if len(s2) == 0:
return len(s1)
prev_row = range(len(s2) + 1)
for i, c1 in enumerate(s1):
curr_row = [i + 1]
for j, c2 in enumerate(s2):
insertions = prev_row[j + 1] + 1
deletions = curr_row[j] + 1
substitutions = prev_row[j] + (c1 != c2)
curr_row.append(min(insertions, deletions, substitutions))
prev_row = curr_row
return prev_row[-1]
logging.basicConfig(level=logging.INFO, format="%(asctime)s [%(levelname)s] %(message)s")
logger = logging.getLogger(__name__)
PYPI_API = "https://pypi.org/pypi/{}/json"
NPM_API = "https://registry.npmjs.org/{}"
NPM_DOWNLOADS_API = "https://api.npmjs.org/downloads/point/last-week/{}"
PYPISTATS_API = "https://pypistats.org/api/packages/{}/recent"
SESSION = requests.Session()
SESSION.headers.update({"Accept": "application/json", "User-Agent": "typosquat-detector/1.0"})
def normalize_pypi_name(name):
"""Normalize a PyPI package name per PEP 503."""
return re.sub(r"[-_.]+", "-", name).lower()
def generate_typosquat_candidates(name):
"""Generate potential typosquat variants of a package name.
Produces candidates via character omission, transposition, insertion,
substitution (keyboard-adjacent), and separator manipulation.
"""
candidates = set()
lower_name = name.lower()
# Character omission: remove each character one at a time
for i in range(len(lower_name)):
candidate = lower_name[:i] + lower_name[i + 1:]
if candidate and candidate != lower_name:
candidates.add(candidate)
# Character transposition: swap adjacent characters
for i in range(len(lower_name) - 1):
chars = list(lower_name)
chars[i], chars[i + 1] = chars[i + 1], chars[i]
candidate = "".join(chars)
if candidate != lower_name:
candidates.add(candidate)
# Character duplication: double each character
for i in range(len(lower_name)):
candidate = lower_name[:i] + lower_name[i] + lower_name[i:]
if candidate != lower_name:
candidates.add(candidate)
# Keyboard-adjacent substitution (QWERTY layout)
qwerty_neighbors = {
"q": "wa", "w": "qeas", "e": "wrds", "r": "etfs", "t": "ryg",
"y": "tuh", "u": "yij", "i": "uok", "o": "ipl", "p": "ol",
"a": "qwsz", "s": "wedxza", "d": "erfcxs", "f": "rtgvcd",
"g": "tyhbvf", "h": "yujng", "j": "uikmh", "k": "ioljm",
"l": "opk", "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb",
"b": "vghn", "n": "bhjm", "m": "njk",
}
for i, ch in enumerate(lower_name):
for neighbor in qwerty_neighbors.get(ch, ""):
candidate = lower_name[:i] + neighbor + lower_name[i + 1:]
if candidate != lower_name:
candidates.add(candidate)
# Separator manipulation for hyphenated/underscored names
if "-" in lower_name or "_" in lower_name:
candidates.add(lower_name.replace("-", "").replace("_", ""))
candidates.add(lower_name.replace("-", "_"))
candidates.add(lower_name.replace("_", "-"))
candidates.add(lower_name.replace("-", "--"))
# Common prefix/suffix combosquatting
for affix in ["python-", "py-", "-python", "-py", "-lib", "-sdk", "2", "3"]:
if affix.startswith("-"):
candidates.add(lower_name + affix)
else:
candidates.add(affix + lower_name)
# Remove the original name if present
candidates.discard(lower_name)
candidates.discard(name)
return sorted(candidates)
def query_pypi_package(name, delay=0.5):
"""Query the PyPI JSON API for package metadata.
Returns parsed metadata or None if the package does not exist.
"""
url = PYPI_API.format(name)
try:
time.sleep(delay)
resp = SESSION.get(url, timeout=15)
if resp.status_code == 404:
return None
resp.raise_for_status()
data = resp.json()
info = data.get("info", {})
releases = data.get("releases", {})
# Find first and latest upload times
upload_times = []
for version_files in releases.values():
for f in version_files:
if f.get("upload_time_iso_8601"):
upload_times.append(f["upload_time_iso_8601"])
first_upload = min(upload_times) if upload_times else None
latest_upload = max(upload_times) if upload_times else None
return {
"registry": "pypi",
"name": info.get("name", name),
"version": info.get("version"),
"author": info.get("author"),
"author_email": info.get("author_email"),
"summary": info.get("summary"),
"home_page": info.get("home_page"),
"project_url": info.get("project_url"),
"requires_python": info.get("requires_python"),
"license": info.get("license"),
"version_count": len(releases),
"first_upload": first_upload,
"latest_upload": latest_upload,
"exists": True,
}
except requests.RequestException as e:
logger.warning("PyPI query failed for %s: %s", name, e)
return None
def query_npm_package(name, delay=0.5):
"""Query the npm registry API for package metadata.
Returns parsed metadata or None if the package does not exist.
"""
url = NPM_API.format(name)
try:
time.sleep(delay)
resp = SESSION.get(url, timeout=15)
if resp.status_code == 404:
return None
if resp.status_code == 429:
logger.warning("npm rate limited, waiting 10 seconds")
time.sleep(10)
resp = SESSION.get(url, timeout=15)
resp.raise_for_status()
data = resp.json()
time_info = data.get("time", {})
maintainers = data.get("maintainers", [])
return {
"registry": "npm",
"name": data.get("name", name),
"description": data.get("description"),
"dist_tags_latest": data.get("dist-tags", {}).get("latest"),
"created": time_info.get("created"),
"modified": time_info.get("modified"),
"maintainers": [m.get("name") for m in maintainers],
"version_count": len(data.get("versions", {})),
"license": data.get("license"),
"homepage": data.get("homepage"),
"repository": data.get("repository", {}).get("url") if isinstance(data.get("repository"), dict) else data.get("repository"),
"exists": True,
}
except requests.RequestException as e:
logger.warning("npm query failed for %s: %s", name, e)
return None
def get_pypi_downloads(name):
"""Get recent download stats for a PyPI package from pypistats.org."""
url = PYPISTATS_API.format(name)
try:
resp = SESSION.get(url, timeout=10)
if resp.status_code != 200:
return None
data = resp.json().get("data", {})
return data.get("last_week", 0)
except requests.RequestException:
return None
def get_npm_downloads(name):
"""Get last-week download count for an npm package."""
url = NPM_DOWNLOADS_API.format(name)
try:
resp = SESSION.get(url, timeout=10)
if resp.status_code != 200:
return None
return resp.json().get("downloads", 0)
except requests.RequestException:
return None
def compute_suspicion_score(candidate_meta, target_meta, target_name, registry):
"""Compute a weighted suspicion score for a candidate typosquat package.
Signals:
- Levenshtein distance (1 = 40pts, 2 = 25pts, 3 = 10pts)
- Publish recency: created within 90 days = 15pts
- Download ratio: candidate/target < 0.001 = 15pts
- Different author/maintainer = 10pts
- Low version count (<=2) = 5pts
- No repository URL = 5pts
"""
score = 0
signals = {}
candidate_name = candidate_meta.get("name", "")
# Levenshtein distance
if registry == "pypi":
dist = levenshtein_distance(
normalize_pypi_name(candidate_name),
normalize_pypi_name(target_name),
)
else:
dist = levenshtein_distance(candidate_name.lower(), target_name.lower())
signals["levenshtein_distance"] = dist
if dist == 1:
score += 40
elif dist == 2:
score += 25
elif dist == 3:
score += 10
# Publish recency
now = datetime.now(timezone.utc)
first_publish = candidate_meta.get("first_upload") or candidate_meta.get("created")
if first_publish:
try:
if isinstance(first_publish, str):
first_dt = datetime.fromisoformat(first_publish.replace("Z", "+00:00"))
else:
first_dt = first_publish
days_old = (now - first_dt).days
signals["days_since_first_publish"] = days_old
if days_old <= 90:
score += 15
elif days_old <= 180:
score += 8
except (ValueError, TypeError):
pass
# Download disparity
if registry == "pypi":
candidate_dl = get_pypi_downloads(candidate_name)
target_dl = get_pypi_downloads(target_name)
else:
candidate_dl = get_npm_downloads(candidate_name)
target_dl = get_npm_downloads(target_name)
signals["candidate_downloads_weekly"] = candidate_dl
signals["target_downloads_weekly"] = target_dl
if candidate_dl is not None and target_dl and target_dl > 0:
ratio = candidate_dl / target_dl
signals["download_ratio"] = round(ratio, 6)
if ratio < 0.001:
score += 15
elif ratio < 0.01:
score += 8
# Author comparison
if registry == "pypi":
candidate_author = (candidate_meta.get("author") or "").lower().strip()
target_author = (target_meta.get("author") or "").lower().strip()
else:
candidate_author = set(m.lower() for m in (candidate_meta.get("maintainers") or []))
target_author = set(m.lower() for m in (target_meta.get("maintainers") or []))
if candidate_author and target_author and candidate_author != target_author:
score += 10
signals["different_author"] = True
else:
signals["different_author"] = False
# Version count
version_count = candidate_meta.get("version_count", 0)
signals["version_count"] = version_count
if version_count <= 2:
score += 5
# Repository URL presence
repo = candidate_meta.get("home_page") or candidate_meta.get("homepage") or candidate_meta.get("repository")
signals["has_repository"] = bool(repo)
if not repo:
score += 5
signals["total_score"] = score
return score, signals
def classify_risk(score):
"""Classify risk level based on composite score."""
if score >= 70:
return "HIGH"
elif score >= 40:
return "MEDIUM"
else:
return "LOW"
def scan_package(target_name, registry="pypi", max_candidates=None):
"""Scan for typosquat candidates of a target package.
Generates candidates, checks which exist in the registry, scores them,
and returns ranked results.
"""
logger.info("Scanning for typosquats of '%s' on %s", target_name, registry)
# Fetch target package metadata
if registry == "pypi":
target_meta = query_pypi_package(target_name, delay=0.2)
else:
target_meta = query_npm_package(target_name, delay=0.2)
if not target_meta:
logger.warning("Target package '%s' not found on %s", target_name, registry)
return {"target": target_name, "registry": registry, "error": "Target package not found"}
# Generate candidates
candidates = generate_typosquat_candidates(target_name)
if max_candidates:
candidates = candidates[:max_candidates]
logger.info("Generated %d typosquat candidates for '%s'", len(candidates), target_name)
# Query registry for each candidate
results = []
for i, candidate in enumerate(candidates):
if registry == "pypi":
meta = query_pypi_package(candidate, delay=0.3)
else:
meta = query_npm_package(candidate, delay=0.3)
if meta and meta.get("exists"):
score, signals = compute_suspicion_score(
meta, target_meta, target_name, registry
)
risk = classify_risk(score)
results.append({
"candidate": candidate,
"target": target_name,
"registry": registry,
"score": score,
"risk": risk,
"signals": signals,
"metadata": meta,
})
logger.info(
" [%s] %s (score=%d, lev=%d)",
risk, candidate, score, signals.get("levenshtein_distance", -1),
)
if (i + 1) % 50 == 0:
logger.info(" Progress: %d/%d candidates checked", i + 1, len(candidates))
# Sort by score descending
results.sort(key=lambda r: r["score"], reverse=True)
return {
"target": target_name,
"registry": registry,
"target_metadata": target_meta,
"candidates_generated": len(candidates),
"candidates_found": len(results),
"results": results,
}
def scan_dependency_file(filepath, registry="pypi", max_candidates_per_pkg=None):
"""Scan all dependencies in a requirements file or package.json."""
filepath = Path(filepath)
if not filepath.exists():
return {"error": f"File not found: {filepath}"}
content = filepath.read_text()
packages = []
if filepath.name in ("requirements.txt", "requirements.in"):
for line in content.splitlines():
line = line.strip()
if line and not line.startswith("#") and not line.startswith("-"):
pkg = re.split(r"[><=!~\[]", line)[0].strip()
if pkg:
packages.append(pkg)
elif filepath.name == "package.json":
try:
pkg_json = json.loads(content)
for dep_key in ("dependencies", "devDependencies", "peerDependencies"):
packages.extend(pkg_json.get(dep_key, {}).keys())
except json.JSONDecodeError as e:
return {"error": f"Invalid JSON: {e}"}
elif filepath.name in ("Pipfile",):
for line in content.splitlines():
line = line.strip()
if "=" in line and not line.startswith("[") and not line.startswith("#"):
pkg = line.split("=")[0].strip().strip('"')
if pkg and not pkg.startswith("["):
packages.append(pkg)
else:
# Generic: one package per line
for line in content.splitlines():
line = line.strip()
if line and not line.startswith("#"):
packages.append(line.split()[0])
packages = list(dict.fromkeys(packages)) # deduplicate preserving order
logger.info("Found %d packages in %s", len(packages), filepath)
all_results = {
"file": str(filepath),
"registry": registry,
"packages_scanned": len(packages),
"scan_results": [],
"summary": {"high": 0, "medium": 0, "low": 0},
}
for pkg in packages:
result = scan_package(pkg, registry, max_candidates_per_pkg)
all_results["scan_results"].append(result)
for r in result.get("results", []):
risk = r.get("risk", "LOW").lower()
all_results["summary"][risk] = all_results["summary"].get(risk, 0) + 1
return all_results
def generate_report(data, output_path):
"""Write scan results to a JSON report file."""
report = {
"report_generated": datetime.now(timezone.utc).isoformat(),
**data,
}
with open(output_path, "w") as f:
json.dump(report, f, indent=2, default=str)
logger.info("Report written to %s", output_path)
def main():
parser = argparse.ArgumentParser(
description="Typosquatting Detection Agent for npm and PyPI"
)
sub = parser.add_subparsers(dest="command", required=True)
# scan single package
scan_p = sub.add_parser("scan", help="Scan for typosquats of a single package")
scan_p.add_argument("package", help="Target package name to scan for typosquats")
scan_p.add_argument("--registry", choices=["pypi", "npm"], default="pypi",
help="Package registry to scan (default: pypi)")
scan_p.add_argument("--max-candidates", type=int, help="Limit candidates to check")
# scan dependency file
file_p = sub.add_parser("scan-file", help="Scan dependencies from a file")
file_p.add_argument("file", help="Path to requirements.txt, package.json, etc.")
file_p.add_argument("--registry", choices=["pypi", "npm"], default="pypi",
help="Package registry to scan (default: pypi)")
file_p.add_argument("--max-candidates", type=int, help="Limit candidates per package")
# check single candidate
check_p = sub.add_parser("check", help="Check a specific package name against a target")
check_p.add_argument("candidate", help="Candidate package name to check")
check_p.add_argument("target", help="Legitimate target package name")
check_p.add_argument("--registry", choices=["pypi", "npm"], default="pypi")
# generate candidates only (no registry queries)
gen_p = sub.add_parser("generate", help="Generate typosquat candidates without querying registry")
gen_p.add_argument("package", help="Package name to generate candidates for")
parser.add_argument("--output", default="typosquat_report.json", help="Output report path")
args = parser.parse_args()
result = {}
if args.command == "scan":
result = scan_package(args.package, args.registry, args.max_candidates)
elif args.command == "scan-file":
result = scan_dependency_file(args.file, args.registry, args.max_candidates)
elif args.command == "check":
if args.registry == "pypi":
candidate_meta = query_pypi_package(args.candidate)
target_meta = query_pypi_package(args.target)
else:
candidate_meta = query_npm_package(args.candidate)
target_meta = query_npm_package(args.target)
if not candidate_meta:
result = {"candidate": args.candidate, "exists": False, "risk": "NONE"}
elif not target_meta:
result = {"error": f"Target package '{args.target}' not found"}
else:
score, signals = compute_suspicion_score(
candidate_meta, target_meta, args.target, args.registry
)
result = {
"candidate": args.candidate,
"target": args.target,
"registry": args.registry,
"score": score,
"risk": classify_risk(score),
"signals": signals,
"candidate_metadata": candidate_meta,
"target_metadata": target_meta,
}
elif args.command == "generate":
candidates = generate_typosquat_candidates(args.package)
result = {
"package": args.package,
"candidate_count": len(candidates),
"candidates": candidates,
}
print(json.dumps(result, indent=2, default=str))
generate_report(result, args.output)
if __name__ == "__main__":
main()