HamodyRat

v0.0.2 suspicious
6.0
Medium Risk

• Scrape Instagram Profile and login Instagram

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits signs of potential malicious behavior due to its network and shell execution risks, despite showing no direct evidence of credential harvesting or obfuscation.

  • High network risk due to unverified POST requests
  • Shell risk due to potential unauthorized system modifications
Per-check LLM notes
  • Network: Unverified POST requests can indicate potential data exfiltration or command and control (C2) communication.
  • Shell: Executing shell commands like 'pip install' can be a sign of attempting to modify the system environment or install additional packages without user consent.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package appears suspicious due to the author having only one package and it being brand new.

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • "method": "POST" } r = requests.post(url, data=data, headers=headers, verify=False, timeout=15).j
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • uleNotFoundError: import os os.system("pip install uuid4") class Hamody: def facebook(email): d
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository pypa/sampleproject appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Hamody" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with HamodyRat 
Create a social media monitoring tool using Python's 'HamodyRat' package. This tool will allow users to monitor their Instagram profiles and track interactions such as likes, comments, and follower growth over time. The application should also enable users to scrape data from other Instagram profiles for comparative analysis. Here’s a step-by-step guide on how to develop this tool:

1. **Setup Environment**: Install necessary packages including 'HamodyRat', 'pandas', and 'matplotlib'. Ensure you have the required dependencies installed.
2. **Authentication Module**: Implement a secure login mechanism using 'HamodyRat' to authenticate users into their Instagram accounts. Store session information securely.
3. **Profile Scraper**: Develop a feature that scrapes the user's own profile for metrics like number of posts, followers, following, and engagement rates. Additionally, allow scraping of other public profiles to gather similar metrics.
4. **Data Visualization**: Use 'matplotlib' to create visual representations of the gathered data. Visualizations should include trends over time for key metrics.
5. **Comparison Tool**: Enable users to compare their profile metrics against those scraped from other Instagram profiles. Highlight differences in follower growth, engagement rates, etc.
6. **Dashboard**: Create a simple dashboard where users can input their Instagram credentials, select which metrics they want to track, and view real-time updates and historical data.
7. **Security Measures**: Ensure all data handling complies with GDPR and other relevant regulations. Securely manage user credentials and avoid storing them in plain text.
8. **Testing and Documentation**: Thoroughly test the application for functionality, security, and usability. Document all steps involved in setting up and using the application.