aastf

v2.0.0 suspicious
6.0
Medium Risk

Agentic AI Security Testing Framework - OWASP ASI Top 10

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits several concerning behaviors including high shell risk and obfuscation risk, suggesting potential for hidden malicious activities. While there's no direct evidence of credential harvesting or severe network risks, the combination of these factors raises suspicion.

  • High shell risk due to unsanitized command execution
  • Significant obfuscation techniques used, possibly to hide malicious intent

Per-check LLM notes

  • Network: The observed network patterns are likely associated with sending data to a webhook URL, which could be benign if the package is designed for logging or alerting.
  • Shell: The presence of shell execution patterns suggests potential risks, especially if the inputs to these commands are not properly sanitized, indicating a higher risk of command injection.
  • Obfuscation: The presence of base64 decoding and ROT13 conversion along with detection patterns for potentially dangerous functions suggests obfuscation to hide malicious activity.
  • Credentials: No clear evidence of credential harvesting is present, but the obfuscation techniques could be used to conceal such activities.
  • Metadata: Suspicious non-HTTPS external link and author details raise concerns.

🔬 Heuristic Checks

Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • ad).encode("utf-8") req = urllib.request.Request(url, data=body, headers=hdrs, method="POST") try
  • "POST") try: with urllib.request.urlopen(req, timeout=30) as resp: return resp.st
  • t() -> int: req = urllib.request.Request( self._webhook_url, # type: ignore[
  • try: with urllib.request.urlopen(req, timeout=30) as resp: return
  • h() -> int: req = urllib.request.Request( self._sarif_endpoint, # type: igno

Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • : str) -> str: return base64.b64decode(text.encode("ascii")).decode("utf-8") class ROT13Converter
  • CE_KEYWORDS = [ "exec(", "eval(", "os.system", "subprocess", "__import__", "run_command
  • (re.compile(r"\beval\s*\("), "eval() call detected — potential code injection", "Use ast.l
  • icFinding]: """Detect eval(), exec(), os.system() and other dangerous calls."""
  • dboxed interpreter"), (re.compile(r"\bexec\s*\("), "exec() call detected — potential code injection",
  • _\s*\("), "Dynamic import via __import__() — potential supply chain risk", "Use importlib with va

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • mpile(r"\bos\.system\s*\("), "os.system() call — potential command injection", "Use subprocess.
  • """Detect eval(), exec(), os.system() and other dangerous calls.""" findings: list[Stati
  • """ try: result = subprocess.run( ["codex", "exec", "-"], input=promp
  • """ try: result = subprocess.run( ["cmd", "/c", "gemini -p -"], input
  • try: result = subprocess.run( ["git", "rev-parse", "HEAD"],
  • try: result = subprocess.run( ["git", "symbolic-ref", "HEAD"],

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://attacker.com/collect

Git Repository History

Repository anonymousAAK/aastf appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aastf

Create a fully-functional mini-application named 'AgenticSecurityScanner' that leverages the 'aastf' Python package to perform security assessments on web applications based on the OWASP ASI Top 10 standards. This tool will serve as an educational and practical resource for developers and security professionals to understand common vulnerabilities and how to mitigate them.

Step 1: Setup
- Begin by installing the 'aastf' package via pip.
- Ensure your development environment is configured with Python 3.8 or higher.

Step 2: Core Functionality
- Design a command-line interface (CLI) where users can input a URL of a web application they want to test.
- Implement functionality within 'AgenticSecurityScanner' that uses 'aastf' to scan the provided URL against the OWASP ASI Top 10 criteria.
- Display a summary report of findings, highlighting any potential security issues identified during the scan.

Step 3: Advanced Features
- Include an option for users to specify which OWASP ASI Top 10 categories they wish to test for, allowing for more focused scans.
- Develop a feature that generates a detailed report in PDF format, summarizing the scan results and offering recommendations for remediation.
- Integrate a logging mechanism that records all scan activities and results, enabling historical analysis and audit trails.

Step 4: User Interface
- Ensure the CLI is intuitive and user-friendly, providing clear instructions and feedback throughout the scanning process.
- Consider adding color-coded outputs to visually distinguish between different types of alerts and information messages.

Step 5: Documentation and Deployment
- Write comprehensive documentation detailing how to install, configure, and use 'AgenticSecurityScanner'.
- Package the application using tools like PyInstaller or cx_Freeze to create standalone executables for Windows, macOS, and Linux.

Throughout the development process, ensure you utilize the full capabilities of the 'aastf' package to provide accurate and thorough security assessments.