Show HN: Hexora – static analysis tool for malicious Python scripts
github.com
I made a new library to detect malicious and harmful behaviour in Python scripts.
There are alternative libraries, but they usually rely on regexes, which can be fragile and tricked. My library uses AST and tracks some of the obfuscation techniques, such as import/call reassignment.
Currently, I'm testing it on public files where some of them implement malicious behavior, as well as past malicious packages on PyPI.
You can see some of the detection examples here:
https://github.com/rushter/hexora/blob/main/docs/examples.md
I'd love to hear your feedback and ideas on how to improve this and identify missing rules.
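
An added example, not part of the original post and not Hexora's code: a minimal sketch of why tracking import and call reassignment in the AST catches what a text regex misses. `AliasTracker`, `SENSITIVE`, `NAIVE_REGEX` and `scan` are hypothetical names, and the sample script is constructed.

```python
import ast
import re
# Constructed sample: calls hidden behind an import alias and a reassignment.
SAMPLE = '''
import os as o
from base64 import b64decode as d
run = o.system
run(d("ZWNobyBoaQ==").decode())
'''
SENSITIVE = {"os.system", "base64.b64decode"}  # hypothetical watchlist, not Hexora's rules
NAIVE_REGEX = re.compile(r"\b(os\.system|base64\.b64decode)\s*\(")

class AliasTracker(ast.NodeVisitor):
    def __init__(self):
        self.names = {}      # local name -> qualified dotted name
        self.findings = []   # (line number, qualified name)

    def resolve(self, node):
        if isinstance(node, ast.Name):
            return self.names.get(node.id)
        if isinstance(node, ast.Attribute):
            base = self.resolve(node.value)
            return f"{base}.{node.attr}" if base else None

    def visit_Import(self, node):  # `import os as o` binds o -> os
        for a in node.names:
            root = a.name.split(".")[0]
            self.names[a.asname or root] = a.name if a.asname else root

    def visit_ImportFrom(self, node):  # `from base64 import b64decode as d`
        for a in node.names:
            self.names[a.asname or a.name] = f"{node.module}.{a.name}"

    def visit_Assign(self, node):  # `run = o.system` binds run -> os.system
        target = self.resolve(node.value)
        for t in node.targets:
            if isinstance(t, ast.Name):
                self.names[t.id] = target  # None clears a stale binding
        self.generic_visit(node)

    def visit_Call(self, node):
        qualified = self.resolve(node.func)
        if qualified in SENSITIVE:
            self.findings.append((node.lineno, qualified))
        self.generic_visit(node)

def scan(source):
    tracker = AliasTracker()
    tracker.visit(ast.parse(source))
    return tracker.findings
```

On the constructed sample, `NAIVE_REGEX.findall(SAMPLE)` returns nothing, while `scan(SAMPLE)` reports both calls on line 5 under their real qualified names.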