disposable-email-domains2 versions·0.0.196→0.0.197
A set of disposable email domains
// Suspicious network destinations
패턴: webhook-bin
Packages that send stolen credentials to public webhook bin services (webhook.site, requestcatcher.com, requestbin, ngrok, beeceptor, pipedream). The single most common credential-stealer destination shape — zero attacker infrastructure required.
27개 패키지+에 이 패턴이 매칭됨 (총 publish 이벤트 100건을 publisher+name 기준으로 묶음). 최신순.
A set of disposable email domains
SPCSN Taro runtime API entry
AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 51 skills, 11 catalogs (439 CVEs / 177 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate,
→ Worm self-propagation: package reads .npmrc _authToken AND invokes npm publish in install-path code. Shai-Hulud-class shape — no legitimate package re-publishes OTHER packages from the user's machine.
AI-aware security scanner for VS Code — code vulnerabilities, LLM risks, secrets, dependencies, MCP & agent security
→ 크리덴셜 읽기 (reads-github-tokens, reads-aws-creds, reads-ai-api-keys, reads-azure-creds) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
logging step
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
A comprehensive list of all free email domain providers
A Python package for Azure Genome.
The forge that forges itself — self-writing meta-extension for OpenClaw
→ 크리덴셜 읽기 (reads-ai-api-keys) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Tricentis Sealights Python Agent - Quality Intelligence and Code Coverage
Advanced email sender
Worker-based trigger for Blok workflows - supports background job processing with concurrency, retries, and scheduling
→ 크리덴셜 읽기 (reads-aws-creds) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Pub/Sub trigger for Blok workflows — supports NATS (Core + JetStream), Redis Streams, Kafka, GCP Pub/Sub, AWS SNS+SQS, and Azure Service Bus.
→ 크리덴셜 읽기 (reads-aws-creds, reads-gcp-creds) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
SECURITY RESEARCH - Dependency Confusion PoC - Red Bull Bug Bounty
→ 크리덴셜 읽기 (reads-aws-creds) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Cloud Security Championship CI test utilities
→ 의심 전송지 없음, 원격 실행 형태 없음 — no network destinations.
Simple messaging utility with telemetry
→ 의심 전송지로 발송: webhook.site.
Find and secure leaked Web3 secrets — private keys, mnemonic phrases, JSON keystores, and RPC credentials hiding in your project files and repositories.
→ 크리덴셜 읽기 (reads-seed-phrase, reads-npmrc, reads-wallet-files) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Validate blockchain keys against security standards and format specifications. Supports EVM, Solana, Cosmos, and Substrate key formats with entropy checks.
→ 크리덴셜 읽기 (reads-npmrc, reads-wallet-files, reads-seed-phrase) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Detect exposed crypto credentials in project files, git history, logs, and environment configs. Helps prevent private key leaks from reaching production.
→ 크리덴셜 읽기 (reads-seed-phrase, reads-npmrc, reads-wallet-files) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Verify wallet safety against known compromise databases. Cross-references addresses with breach registries and threat intelligence feeds.
→ 크리덴셜 읽기 (reads-npmrc, reads-wallet-files, reads-seed-phrase) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Pre-deployment security checks for Solidity contracts. Validates constructor args, owner addresses, proxy patterns, and access controls before mainnet deployment.
→ 크리덴셜 읽기 (reads-npmrc, reads-wallet-files, reads-seed-phrase) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Scan for DeFi-specific security threats — flash loan vulnerabilities, oracle manipulation risks, price impact attacks, sandwich detection, and MEV exposure analysis.
→ 크리덴셜 읽기 (reads-seed-phrase, reads-npmrc, reads-wallet-files) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Verify mnemonic phrases haven't been compromised. Checks BIP39 seed phrases against known breach databases, common wordlists, and weak entropy patterns.
→ 크리덴셜 읽기 (reads-seed-phrase, reads-npmrc, reads-wallet-files) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Audit deployment keys before mainnet launch. Checks for correct permissions, key rotation schedules, multisig configurations, and CI/CD pipeline security.
→ 크리덴셜 읽기 (reads-npmrc, reads-wallet-files, reads-seed-phrase) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Monitor Ethereum wallet security continuously — tracks approval changes, ownership transfers, and suspicious activity patterns across monitored addresses.
→ 크리덴셜 읽기 (reads-npmrc, reads-wallet-files, reads-seed-phrase) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Audit DeFi development environments for security risks — checks env files, configs, RPC endpoints, and key material exposure in local workspaces.
→ 크리덴셜 읽기 (reads-npmrc, reads-wallet-files, reads-seed-phrase) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
Manager
→ 크리덴셜 읽기 (reads-ssh-keys) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.