vim-troll-stopper
trojan-source
vim-troll-stopper | trojan-source | |
---|---|---|
2 | 22 | |
176 | 1,215 | |
0.0% | - | |
0.0 | 3.6 | |
over 1 year ago | about 1 year ago | |
Vim Script | SCSS | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vim-troll-stopper
-
A former Gizmodo writer changed name to 'Slackbot', stayed undetected for months
Replacing ascii with similar-looking unicode characters is an old trick. There's a bunch of these characters out there. You can use it in the code to prank your colleague developers - April 1st is nearing!
I even made a vim plugin that highlights these "dangerous" characters: https://github.com/vim-utils/vim-troll-stopper
I've never been pranked with unicode characters, but I've had a situation at work where a consultant from Japan unintentionally used some "japanese space" characters in a translation file, and that broke our app. Since I have my vim plugin running all the time it didn't take me a lot to see what's going on.
-
Is there any way for Vim to check for homoglyph trojan horse attacks?
I use vim-troll-stopper
trojan-source
- Trojan Source Attacks (2021)
- What is some niche/ quirky python code you know?
-
Android Studio’s “Code contains easter egg” inspection (2019)
Is this one of those trojan source attacks in the wild?
https://trojansource.codes/
-
So, it seems there will be another issue, different than the 32 bit time thing
see this github repo fkr examples
-
- Trojan Source: Invisible Vulnerabilities
-
The Invisible JavaScript Backdoor
Bonus: if you interested in look at Trojan-source (similar examples) and TrojanSourceFinder (tool to detect them)
Works for me with the examples from https://github.com/nickboucher/trojan-source
-
A h4cker just cr4shed a match with special characters in text chat. I got an abandon and lost hard earned elo
This is coming out of a team at Cambridge. Read up on it here Trojan source
- Trojan Source – Invisible Source Code Vulnerabilities
What are some alternatives?
mvregex
aboriginal - Aboriginal Generics: the future is here!
TrojanSourceFinder - 🔎 Help find Trojan Source vulnerability in code 👀 . Useful for code review in project with multiple collaborators (CI/CD)
rust - Empowering everyone to build reliable and efficient software.
vscode-gremlins - Gremlins tracker for Visual Studio Code: reveals invisible whitespace and other annoying characters
rust - Rust for the xtensa architecture. Built in targets for the ESP32 and ESP8266
Express - Fast, unopinionated, minimalist web framework for node.