PROBABLY_PENTEST (1) campaign cataloged at 2024-11-30(2).

1. Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.
2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2023-12-valuent

Packages either test the malicious behaviour, or actually download and run a simple remote script during the installation.

Abuse categories

basic_exfiltration

The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.

override_install

The package overrides the install command in setup.py to execute malicious code during installation.

remote_script

Downloads and executes a remote malicious script.

Packages in the campaign

campaign:2023-12-valuent

• bestcolorsever
• bestcolorsever2
• bestcolorsever3
• bettercolorstesting
• calc123lorc
• calccc
• calcnotepad
• calctestchristmas
• christmasmiraclemaker
• enchantv
• excaliburx
• newpackagetest2024
• newpackagetest2025
• newpackagetest2026
• newpackagetest2027
• newpackagetest2028
• richcolor