Skip to content
#

shai-hulud-attack

Star

Here are 3 public repositories matching this topic...

Language: All
Filter by language
All 3 TypeScript 2 Python 1

gensecaihq / Shai-Hulud-2.0-Detector

Star 109

Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.

nodejs npm security sarif devsecops vulnerability-scanner malware-detection credential-theft github-actions open-source-security supply-chain-security sarif-report package-security shai-hulud shai-hulud-detector shai-hulud-attack shai-hulud2-detector shai-hulud2 shai-hulud2-inspector sha1-hulud
  • Updated Dec 9, 2025
  • TypeScript

josedacosta / shai-hulud-detector

Star 2

🛡️ Advanced NPM supply chain attack detection tool - Specialized in detecting Shai-Hulud compromise indicators with beautiful CLI interface and automated security reporting

threat-hunting vulnerability-detection security-analysis malware-detection defensive-security npm-audit malicious-packages compromise-detection crypto-stealer npm-security shai-hulud shai-hulud-detector shai-hulud-attack supply-chain-attack self-replicating-worm github-actions-malware bundle-js-detection trufflehog-abuse cli-security-tool package-scanner
  • Updated Sep 19, 2025
  • TypeScript

Improve this page

Add a description, image, and links to the shai-hulud-attack topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the shai-hulud-attack topic, visit your repo's landing page and select "manage topics."

Learn more